In some circumstances, you may need to change the list of DNS name servers used by the cert-manager component when it issues DNS01 challenges for ACME certs. By default, cert-manager will use the recursive name servers specified in /etc/resolv.conf for these challenges, but this configuration may not always be desired. cert-manager offers two flags that can be used to configure what DNS servers are used for these challenges:
To configure these settings for cert-manager in a Konvoy 1.x installation, change your cluster.yaml as follows:
- name: cert-manager
For more information on these cert-manager flags, consult the cert-manager documentation.