To use Cert-manager.io with Certificate Enrollment Gateway:

• If you will use secure HTTPS with Cert-manager.io, copy Certificate Enrollment Gateway’s TLS certificate chain to the server that will host Cert-manager.io.
• For HTTP-01 validation, the DNS server must resolve the requested DNS name to the IP address of the server hosting Cert-manager.io.
• For DNS-01 validation, nonsecure and secure dynamic updates must be enabled for the domain for which Cert-manager.io is requesting certificates.
• Obtain the ACMEv2 enrollment URL used to request a certificate from Certificate Enrollment Gateway. For details, see ACMEv2 enrollment URL. You need this URL later when configuring Cert-manager.io.