Product Overview

cert-manager

cert-manager is the leading Kubernetes controller for X.509 certificate management. It automates the issuance and renewal of certificates from Let's Encrypt, HashiCorp Vault, Venafi, AWS Private CA, Google CAS, and internal CA setups. cert-manager is a CNCF Graduated project originally built by Jetstack, and it's the go-to tool for any team running TLS on Kubernetes.

Last updated

Founded
2017
Pricing
Free (open source); enterprise support from Venafi/CyberArk
Verify with vendor
Deployment
Open SourceSelf-Hosted
Secrets Management

Key Features

+Automatic Let's Encrypt certificate issuance
+Support for HashiCorp Vault PKI, Venafi, AWS Private CA
+ACME HTTP-01 and DNS-01 solvers
+Automatic renewal before expiry
+Certificate and Issuer CRDs
+Multi-cluster support via federation
+Approver policies for manual/automated signing
+Ingress annotations for TLS
+Istio and Gateway API integration
+CNCF Graduated project

Pros & Cons

Pros

  • +De facto standard for TLS on Kubernetes
  • +Wide CA provider support (public and private)
  • +Automatic renewal eliminates expired-cert incidents
  • +Massive community and active development

Cons

  • Kubernetes-only; not for non-container workloads
  • Configuration has many CRDs to understand (Issuer, ClusterIssuer, Certificate)
  • ACME rate limits can surprise teams doing heavy issuance
  • Complex certificate chains require custom Issuer logic

Best For

Any Kubernetes team that needs TLS — which is nearly all of them

Community & Practitioner Evidence

Community Sources

🔗 GitHub
  • cert-manager GitHub[GitHub]
💬 Reddit Discussions
  • cert-manager on r/kubernetes[Reddit]

User Reviews

No reviews yet. Be the first to share your experience!

As a Product Hub

cert-manager Alternatives

Kubernetes certificate controller supporting Let's Encrypt, Vault, and more

Secrets Management

As an Alternative (1 comparison)

SPIFFE / SPIRE vs cert-manager

Kubernetes certificate controller supporting Let's Encrypt, Vault, and more

Secrets Management

Sources & References

  1. cert-manager (Official Site)[Vendor]
  2. cert-manager Reviews on G2[User Reviews]
  3. cert-manager Reviews on TrustRadius[User Reviews]
  4. cert-manager Reviews on PeerSpot[User Reviews]
  5. cert-manager/cert-manager (GitHub)[Open Source Project]
  6. cert-manager GitHub[Open Source Project]
  7. cert-manager on r/kubernetes[Community Discussion]
  8. Gartner Market Guide for Secrets Management[Analyst Report]
  9. Forrester Wave: Secrets Management, Q4 2023[Analyst Report]
  10. GigaOm Radar for Key Management[Analyst Report]
  11. NIST SP 800-57: Recommendation for Key Management[Government Standard]
  12. CIS Controls: Safeguard 3.11 – Encrypt Sensitive Data at Rest[Industry Framework]

Related Comparisons & Categories

Comparison

SPIFFE / SPIRE vs cert-manager

Kubernetes certificate controller supporting Let's Encrypt, Vault, and more

Product Hub

cert-manager Alternatives

Compare alternatives to cert-manager

Are you from cert-manager?

Claim this listing to update your product information, respond to reviews, and ensure accuracy.