Currently running OpenShift 4.14 with cert-manager 1.13.0 in conjunction with google-cas-issuer (https://github.com/jetstack/google-cas-issuer).
Whenever there are two conflicting certificate objects which point to the same secret name, the second certificate which uses that secret is picked up by cert-manager and shows a non-ready status stating there may be a conflict in secret names. This is correct behaviour which we want to see.
But the problem we’re experiencing is that when a certificate has a keystore (jks or pkcs12) added into the object, the corresponding secret, which has the two certificates pointing to it, then has its values constantly overwritten, repeating in a loop: an addition and deletion of the keystores. Also shown in the logs of cert-manager is an extremely large number of log entries being spammed, showing errors such as “Applying secret data - keystore is not defined” along with other similar ones. When the conflicting certificate is deleted, this problem is then solved. Could this potentially be recreated and a bug issue confirmed from this report?
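An added example, not part of the original report or of cert-manager itself: a small audit that finds Certificate objects sharing one Secret in a namespace and flags the pairs whose keystore settings differ, which is the situation the report describes. It assumes input in the shape of `kubectl get certificates -A -o json`; the function names and the sample objects are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample shaped like `kubectl get certificates -A -o json` output.
SAMPLE = json.dumps({"items": [
    {"metadata": {"namespace": "apps", "name": "web-tls"},
     "spec": {"secretName": "web-tls-secret"}},
    {"metadata": {"namespace": "apps", "name": "web-tls-jks"},
     "spec": {"secretName": "web-tls-secret",
              "keystores": {"jks": {"create": True}}}},
    {"metadata": {"namespace": "apps", "name": "api-tls"},
     "spec": {"secretName": "api-tls-secret",
              "keystores": {"pkcs12": {"create": True}}}},
    {"metadata": {"namespace": "other", "name": "web-tls"},
     "spec": {"secretName": "web-tls-secret"}},
]})

def keystore_formats(cert):
    """Return the keystore formats (jks, pkcs12) a Certificate asks for."""
    keystores = cert.get("spec", {}).get("keystores") or {}
    return sorted(fmt for fmt in ("jks", "pkcs12")
                  if (keystores.get(fmt) or {}).get("create"))

def find_conflicts(cert_list_json):
    """Group Certificates by (namespace, secretName); report shared Secrets."""
    by_secret = defaultdict(list)
    for cert in json.loads(cert_list_json).get("items", []):
        meta, spec = cert.get("metadata", {}), cert.get("spec", {})
        if spec.get("secretName"):
            key = (meta.get("namespace", ""), spec["secretName"])
            by_secret[key].append(cert)
    conflicts = []
    for ns, secret in sorted(by_secret):
        certs = by_secret[(ns, secret)]
        if len(certs) < 2:
            continue  # a Secret with a single owner is not a conflict
        formats = [keystore_formats(c) for c in certs]
        conflicts.append({
            "namespace": ns, "secret": secret,
            "certificates": sorted(c["metadata"]["name"] for c in certs),
            # Owners disagree on keystores: the situation the report describes.
            "keystore_mismatch": any(f != formats[0] for f in formats),
        })
    return conflicts

if __name__ == "__main__":
    for conflict in find_conflicts(SAMPLE):
        print(conflict)
```

The same secret name in a different namespace is not reported, because a Secret is namespaced.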