cert-manager Community Day videos

On the 9th September we had the first cert-manager Community Day. It was very successful with lots of great talks and questions from the community. We would like to thank everyone that contributed to the day, whether that was giving a talk, asking a question, organising behind the scenes or just attending.

Integrating cert-manager with Google Cloud Certificate Authority Service

cert-manager builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide ‘certificates as a service’ to developers working within your Kubernetes cluster. cert-manager is very popular with tens of thousands of users. cert-manager can be used for many different use cases within your clusters, including mutual TLS (mTLS) between workloads, and for securing traffic from end users with ingress.

Jetstack donates cert-manager to Cloud Native Computing Foundation

We are excited to announce that our donation of the cert-manager project to the Cloud Native Computing Foundation® (CNCF®) “Sandbox” has been accepted. cert-manager automates the management of X.509 machine identities within Kubernetes and OpenShift and has become one of the leading community projects in the cloud-native ecosystem. The project is now used by companies all across the world and in all sorts of industries, including government departments, large financial institutions, car manufacturers, and retail stores.

Easier Troubleshooting of cert-manager Certificates

[Editor’s note: This post was written by Haoxiang Zhou who was a work placement student at Jetstack for the past four months. We are grateful to Haoxiang for adding this very useful feature, and all his other contributions, and wish him all the best with his final year of study.]

This post will explore the newest addition to the kubectl plugin of cert-manager, kubectl cert-manager status certificate, a command designed to make the troubleshooting experience of cert-manager problems easier. The command was hugely improved in the recent v1 release. Jump to the bottom for more information on how to get involved and start contributing!

cert-manager reaches v1 and Jetstack announce enterprise support

On behalf of the cert-manager team, it is with great pleasure to announce the v1 release of the cert-manager project! A project started by Jetstack three years ago, cert-manager automates the management of x509 machine identities within Kubernetes and OpenShift. It has grown to become a leading community project in the cloud native ecosystem, with many tens of thousands of end-users. The project has now reached a level of maturity and we are excited to reach this momentous milestone with the help and support of the entire community.

Configuring MySQL SSL/TLS authentication with cert-manager

We recently worked on a customer project, where they wanted to secure the connection between their Java Spring Boot application and their MySQL Database, all this running on Google Kubernetes Engine (GKE). We suggested they use cert-manager, our preferred certificate management tool on Kubernetes.

Cert-manager v0.15 and beyond

This post will explore the new features in the recently released cert-manager v0.15, as well as give an overview of our plans for the future of the project. Jump to the bottom for more information on how to get involved and start contributing! The cert-manager project has come leaps and bounds since its beginnings almost three years ago. Initially started to expand on the success of its predecessor, kube-lego, the project is now used by companies all across the world and in all sorts of industries, including government departments, large financial institutions, car manufacturers and retail stores!

Using Kubectl's new Kustomize support for per-environment deployment of cert-manager resources

Introduction Kustomize is an increasingly popular tool for generating Kubernetes manifests, and is now included with Kubectl 1.14. Rather than using templates Kustomize works by applying modifications to already valid manifests. Using this pattern, it provides various features including resource namespacing, modification of metadata, and generation of Kubernetes Secrets. To start using Kustomize you need one or more Kubernetes manifests and a kustomization.yaml file. The kustomization.yaml file is itself a manifest, which specifies a list of resources, patches to apply, and various other options.

Cert-manager reaches v0.6

We’re excited to announce v0.6 of cert-manager, the general purpose X.509 certificate management tool for Kubernetes. Cert-manager provides automated issuance, renewal and management of certificates within your organisation.

Certificate management in highly dynamic environments is no easy feat, and if approached without careful consideration could quickly lead to outages and service interuption when certificates begin expiring. By standardising on a single tool for managing your PKI assets, you can ensure that certificates are being automatically renewed, and that the appropriate teams are notified if there are any issues or policy violations within your cluster.

Cert-manager: native x509 certificate management for Kubernetes

Those of you who closely follow Jetstack’s open source projects may have already noticed that our new certificate management tool, cert-manager, has been available for some time now. In fact, we now have over 1,000 stars on GitHub!

Cert-manager is a general purpose x509 certificate management tool for Kubernetes. In today’s modern web, securing application traffic is critical. cert-manager aims to simplify management, issuance and renewal of certificates within your organisation.