What is the nature and description of the request?

• As we want to use ACME to setup TLS endpoint certificates, it would be nice to be able to issue them via ACME http-01 challenge. Currently it is only possible via DNS-01 challenge, as cert-manager is not able to open a http challenge path inside of the existing endpoints. In our company DNS changes by cert-manager are not possible, as the network zone concept is not allowing administrativ DNS access. Therefor usage of http-01 challenge for this endpoints would be helpful.

Why does the customer need this? (List the business requirements here):

• no DNS-01 challenge possible
• ACME certificates are required internally in future and becoming more and more best practice

List any affected packages or components.

• OCP Console / Download (oc client download endpoint)
• OCP API
• OCP OAuth
• furthermore all RedHat support OCP WebApps

What is the business impact?

• currently certificates need to be created by a third instance (IaC) in a kind of schedule to renew certificates with a DNS-01 challenge
• that increases the possibility of failures as complexity and dependencies rises