Kenjiro Nakayama

This is possible to support if we sign the server certs in activator and queue-proxy by the same CA and SAN. However, it is better to support different SAN or...

Thank you for opening this. I want to confirm one thing at the beginning. The support of `net-*`'s `N` and `N-1` minor versions is requested but your actual goal is...

How did you install net-certmanager? (Please note that cert-manager is different from Knative's net-certmanager). operator does not have an option to install net-certmanager so you need to install it manually...

Thank you. Hmm.... I tested the autoTLS if I can reproduce it or not but it works without any issue like permission. I am sharing the steps below I did,...

> I believe I may have located the source of the problem. Despite having configured the ClusterIssuer letsencrypt in the KnativeServing resource, the config-certmanager configmap still has an example configuration....

FYI - @dprotaso @ReToCode As per totday's [Serving Meeting Notes](https://docs.google.com/document/d/1rpag5-zffHGxAT7V4Nv28C_xx5Ow6L4mZuHbe3ebOQ8/edit), net-http01 might be deprecated in the future. But this issue is a net-http01 and I think it is still active.

Just linking to the discussion https://github.com/knative/serving/pull/13005#discussion_r905743202 This is achievable with the current same CA and same SAN but we should try SNI.

/assign @Gekko0114 Of course! Thank you so much @Gekko0114

Sorry I still have a good idea but leave a few comments. > There is an issue with the Endpoint to the Kubernetes service (at least in my environment). In...

+1 Knative on Istio have to use `triggerRules.excludedPaths.{exact,prefix}` for authentication policy as knative service gets health checking and metrics collection from external(knative system pods). So this feature is really necessary....