Cert Manager failed to call webhook in OCP

Posted on

Last February, we used this script to provision new CP4D instances in our OCP Certification environments. In the attached new_instance script, we are running this command:

cpd-cli manage apply-cluster-components \
--release=${VERSION} \
--license_acceptance=true \
--cert_manager_ns=${PROJECT_CERT_MANAGER} \

This step is supposed to utilize the cert-manager operator to create signed certificates for the CP4D instance in OpenShift, but instead throws this error:
error when creating "STDIN": Internal error occurred: failed calling webhook "mutate.webhooks.cert-manager.io": failed to call webhook: Post "https://cert-manager-webhook-service.open
shift-operators.svc:443/mutate?timeout 10s": tls: failed to verify certificate: ×509: certificate signed by unknown authority

We had this script and procedure working perfectly before but due to this webhook failure to the cert-manager operator I'm not able to provision new CP4D instances on OCP for internal clients. I've had a couple working sessions with senior RH consultants but unable to make much progress here. We were wondering if others have ran into this issue before and could provide some advice on how to troubleshoot this issue?