cert-manager/certificates-issuing: re-queuing item due to optimistic locking on resource"

[Kaali09]

Describe the bug:
We are seeing the error message below in the cert-manager pod logs whenever we attempt to create or renew a certificate. However, certificate creation and renewal are functioning properly. Nevertheless, this error message is causing us to suspect that there may be an issue in the system.

I0318 06:34:56.581056       1 controller.go:162] "cert-manager/certificates-readiness: re-queuing item due to optimistic locking on resource" key="kafka-hasty-electron/kafka-cert-tls" error="Operation cannot be fulfilled on certificates.cert-manager.io \"kafka-cert-tls\": the object has been modified; please apply your changes to the latest version and try again"
I0318 06:34:56.582609       1 conditions.go:192] Found status change for Certificate "kafka-cert-tls" condition "Ready": "False" -> "True"; setting lastTransitionTime to 2024-03-18 06:34:56.582600641 +0000 UTC m=+2055.224754078
I0318 06:34:56.610545       1 controller.go:162] "cert-manager/certificates-issuing: re-queuing item due to optimistic locking on resource" key="kafka-hasty-electron/kafka-cert-tls" error="Operation cannot be fulfilled on certificates.cert-manager.io \"kafka-cert-tls\": the object has been modified; please apply your changes to the latest version and try again"
I0318 06:34:56.636132       1 controller.go:162] "cert-manager/certificates-key-manager: re-queuing item due to optimistic locking on resource" key="kafka-hasty-electron/kafka-cert-tls" error="Operation cannot be fulfilled on certificates.cert-manager.io \"kafka-cert-tls\": the object has been modified; please apply your changes to the latest version and try again"

Expected behaviour:
Cert-manager shouldn't be generating these error messages when certificate creation and renewal are functioning properly

Steps to reproduce the bug:

1. Install version v1.12.9 of cert-manager.
2. Attempt to create a certificate.
3. Check the logs of the cert-manager pod for any error messages.

Anything else we need to know?:

Environment details::

• Kubernetes version: v1.24.17
• Cloud-provider/provisioner: AWS
• cert-manager version: v1.12.9
• Install method: helm

/kind bug

[inteon]

You can enable ServerSideApply on all components to prevent these errors from happening.
However, these errors should not lead to any issues, they will self-resolve when retried.

You can learn more about setting feature flags like ServerSideApply on https://cert-manager.io/docs/installation/configuring-components/.