Bug
Resolution: Done
openshift-4.20
Quality / Stability / Reliability
Important
uShift Sprint 274
Description of problem:
When trying to test the http01 solver with the default Ingress in MicroShift, it does not work because there is no IngressClassName. cert-manager expects to set the ingressClassName field on the temporary Ingress it creates for the challenge. If the corresponding IngressClass resource doesn't exist, even if MicroShift's router could handle it, cert-manager might not trust that it will, or it might be configured to explicitly look for an IngressClass definition. The absence of the IngressClass means the "glue" is missing for cert-manager to confidently direct the challenge to the router.
Version-Release number of selected component (if applicable):
4.20
How reproducible:
Always
Steps to Reproduce:
1. Install a MicroShift 4.20 cluster
2. Install the cert-manager rpms
3. Create a namespace using the command oc create ns test-cert-manager
4. Create an ACME issuer using the yaml file below
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: letsencrypt-http01
spec:
  acme:
    privateKeySecretRef:
      name: acme-account-key
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    solvers:
    - http01:
        ingress:
          ingressClassName: openshift-default
5. Create a certificate using the yaml file below
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: cert-from-letsencrypt-http01
spec:
  commonName: microshift.gcp.devcluster.openshift.com
  dnsNames:
  - microshift.gcp.devcluster.openshift.com
  duration: 1h
  issuerRef:
    group: cert-manager.io
    kind: Issuer
    name: letsencrypt-http01
  renewBefore: 58m
  secretName: cert-from-letsencrypt-http01
  usages:
  - server auth
Actual results:
The certificate never becomes ready.
Expected results:
The certificate should become ready.
Additional info:
After creating an ingress class as below and updating the issuer with the class name below, the certificate became ready.
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  name: openshift-ingress
spec:
  controller: openshift.io/ingress-to-route
https://cert-manager.io/docs/configuration/acme/http01/#ingressclassname
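A pre-flight check for the mismatch described in this report, added here as an example (it is not part of the original report, cert-manager or MicroShift): it lists every http01 ingress solver whose ingressClassName has no matching IngressClass object. The function name, the JSON samples and the issuer's namespace are assumptions; the input shape is what `oc get issuer -A -o json` and `oc get ingressclass -o json` return.

```python
import json

# Constructed sample input, shaped like `oc get issuer -A -o json` and
# `oc get ingressclass -o json`. The Issuer is the one from step 4; the
# namespace is assumed to be the one created in step 3.
ISSUERS = json.loads("""
{"items": [{
  "kind": "Issuer",
  "metadata": {"name": "letsencrypt-http01", "namespace": "test-cert-manager"},
  "spec": {"acme": {
    "server": "https://acme-staging-v02.api.letsencrypt.org/directory",
    "privateKeySecretRef": {"name": "acme-account-key"},
    "solvers": [{"http01": {"ingress": {"ingressClassName": "openshift-default"}}}]
  }}
}]}
""")
# IngressClass from "Additional info".
INGRESS_CLASSES = json.loads("""
{"items": [{
  "kind": "IngressClass",
  "metadata": {"name": "openshift-ingress"},
  "spec": {"controller": "openshift.io/ingress-to-route"}
}]}
""")


def dangling_ingress_classes(issuers, ingress_classes):
    """List (namespace, issuer, class) for each http01 ingress solver whose
    ingressClassName does not match any IngressClass object."""
    defined = {ic["metadata"]["name"] for ic in ingress_classes.get("items", [])}
    missing = []
    for issuer in issuers.get("items", []):
        meta = issuer.get("metadata", {})
        acme = issuer.get("spec", {}).get("acme") or {}  # non-ACME issuers: skip
        for solver in acme.get("solvers") or []:
            ingress = (solver.get("http01") or {}).get("ingress") or {}
            name = ingress.get("ingressClassName")
            if name and name not in defined:
                missing.append((meta.get("namespace", ""), meta.get("name", ""), name))
    return missing


if __name__ == "__main__":
    for ns, issuer, cls in dangling_ingress_classes(ISSUERS, INGRESS_CLASSES):
        print(f"{ns}/{issuer}: ingressClassName {cls!r} has no IngressClass object")
```

With the sample data the issuer is still reported, because it names openshift-default while the only IngressClass present is openshift-ingress; the report goes empty once the issuer is updated to the existing class name.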