September 2, Jetstack released the generally available version of the X.509 certificate manager for Kubernetes, “cert-manager 1.0”.
cert-manager is developed by Jetstack, and it an open-source Kubernetes add-on. It automates the management of TLS certificates from various issuing sources. It is based on the kube-lego, and it has adopted the concept of kube-cert-manager. It verifies the certificate and regularly checks the version to renew before expiry. Jetstack was acquired by Venafi in April.
It is the first generally available version ever since they started building it three years ago. In regards to API, it is now compatible with v1 API, and it uses the new and stable Kubernetes APIs.
This release introduces kubectl cert-manager status command, which investigates why a certificated doesn’t get issued by using the enhanced kubectl plugins. It shows a more detailed status of the certificates.
It brings improved logging as it now uses klog/v2. With Let’s Encrypt, which is a usual use case of ACME, generating new account key is disabled and it brings enhancements to preferred Chain.
cert-manager 1.0 is available for download from the project website.