cert-manager
cert-manager.ioCloud native X.509 certificate management for Kubernetes and OpenShift
Ops & Infrakubernetestlscertificatesx509openshiftpkicncf
About
cert-manager is an open-source Kubernetes controller that automates the issuance, renewal, and management of X.509 TLS certificates for Kubernetes and OpenShift workloads. It integrates with multiple certificate authorities including Let's Encrypt, HashiCorp Vault, and private PKI, and stores certificates in Kubernetes Secrets. Donated to the CNCF in 2020, it supports use cases ranging from public-facing Ingress TLS to internal mTLS pod-to-pod communication.
Problem
Managing TLS certificate issuance, renewal, and distribution in Kubernetes clusters is complex and error-prone when done manually.
For
Platform engineers and DevOps teams running Kubernetes or OpenShift clusters
How it works
cert-manager runs as a Kubernetes controller that automatically requests certificates from configured issuers and renews them before expiry, storing them as Kubernetes Secrets or injecting them directly via CSI drivers.
Business model
open-source
Status
launched
Launched
2020