X.509 certificate management for Kubernetes and OpenShift
11,000+ GitHub Stars
8000+ Slack members
5 million+ daily downloads
cert-manager is a powerful and extensible X.509 certificate controller for Kubernetes and OpenShift workloads. It will obtain certificates from a variety of Issuers, both popular public Issuers as well as private Issuers, and ensure the certificates are valid and up-to-date, and will attempt to renew certificates at a configured time before expiry.
cert-manager was created by It was proudly donated to CNCF in 2020.
Automated issuance and renewal of certificates to secure Ingress with TLS
Fully integrated Issuers from recognised public and private Certificate Authorities
Secure pod-to pod communication with mTLS using private PKI Issuers
Supports certificate use cases for web facing and internal workloads
Open source add-ons for enhanced cloud native service mesh security
Backed by major cloud service providers and distributions