Is this a BUG REPORT or FEATURE REQUEST?:

/kind bug

What happened:

When running ingress-nginx with use-proxy-protocol: true, the check stage of cert-manager fails as it (appears to) communicate with the ingress controller using plain HTTP requests.

What you expected to happen:

How to reproduce it (as minimally and precisely as possible):

• Deploy ingress-nginx
• Configure an upstream load balancer that supports proxy protocol and enable it.
• Set ConfigMap option use-proxy-protocol: true, and proxy-real-ip-cidr: x.x.x.x (Use the real load balancer IP) for the nginx controller
• Deploy cert-manager
• Request a certificate using HTTP01 confirmation.

Anything else we need to know?:

Environment:

• Kubernetes version: Client Version: version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.0", GitCommit:"fc32d2f3698e36b93322a3465f63a14e9f0eaead", GitTreeState:"clean", BuildDate:"2018-03-26T16:55:54Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"} Server Version: version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.0", GitCommit:"fc32d2f3698e36b93322a3465f63a14e9f0eaead", GitTreeState:"clean", BuildDate:"2018-03-26T16:44:10Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
• Cloud provider or hardware configuration**: 1 master, 3 nodes, vSphere
• Install tools:
• Log files:

nginx-ingress-controller:

2018/04/13 12:27:55 [error] 1837#1837: *10321 broken header: "GET /.well-known/acme-challenge/9oQ5DbRUHNpnIsqvlvFUcb-km2OgpckyaXXEQh9cQQk HTTP/1.1
Host: therealhost.example.com
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip

" while reading PROXY protocol, client: 10.129.2.0, server: 0.0.0.0:80

cert-manager:
E0413 12:25:57.580259 1 controller.go:196] certificates controller: Re-queuing item "kube-system/therealhost.example.com" due to error processing: error waiting for key to be available for domain "therealhost.example.com": context deadline exceeded