Skip to content

cert-manager overview

cert-manager is an enterprise Kubernetes component based on the open-source project that uses custom resources to automate TLS certificate management in your clusters. Using built-in issuers, it can request certificates from CAs configured in Next-Gen Trust Security or manage them independently.

cert-manager provides the following key benefits:

  • Supports major certificate authorities including Let's Encrypt, HashiCorp Vault, and private PKI, and automates certificate renewal using the Certificate and Issuer resource types.
  • Stores certificates as Kubernetes Secrets that can be mounted by application pods or used by ingress and gateway resources
  • Provides the foundation for other components including Approver Policy, Enterprise Issuer, and Istio CSR, which extend cert-manager with policy enforcement, cloud-based issuance, and service mesh integration.

By using cert-manager, your organization automates certificate management across Kubernetes and OpenShift clusters while supporting your other Next-Gen Trust Security Kubernetes components.

What's next?

To get started, install cert-manager in your cluster using Helm. Or, review the releases page for version history and release details.