cert-manager
Kubernetes certificate controller supporting Let's Encrypt, Vault, and more
Secrets ManagementFree (open source); enterprise support from Venafi/CyberArkOpen Source
How we work:This listing is aggregated from cert-manager's official documentation, public pricing pages, community discussions (Reddit, HN, forums), and real user feedback. We do not do hands-on testing. We aggregate and organize what's already out there. Last verified April 2026.
What is cert-manager?
cert-manager is the leading Kubernetes controller for X.509 certificate management. It automates the issuance and renewal of certificates from Let's Encrypt, HashiCorp Vault, Venafi, AWS Private CA, Google CAS, and internal CA setups. cert-manager is a CNCF Graduated project originally built by Jetstack, and it's the go-to tool for any team running TLS on Kubernetes.
Best for: Any Kubernetes team that needs TLS — which is nearly all of them
Pros
- ✓ De facto standard for TLS on Kubernetes
- ✓ Wide CA provider support (public and private)
- ✓ Automatic renewal eliminates expired-cert incidents
- ✓ Massive community and active development
Cons
- ✗ Kubernetes-only; not for non-container workloads
- ✗ Configuration has many CRDs to understand (Issuer, ClusterIssuer, Certificate)
- ✗ ACME rate limits can surprise teams doing heavy issuance
- ✗ Complex certificate chains require custom Issuer logic
Key Features
→Automatic Let's Encrypt certificate issuance
→Support for HashiCorp Vault PKI, Venafi, AWS Private CA
→ACME HTTP-01 and DNS-01 solvers
→Automatic renewal before expiry
→Certificate and Issuer CRDs
→Multi-cluster support via federation
→Approver policies for manual/automated signing
→Ingress annotations for TLS
→Istio and Gateway API integration
→CNCF Graduated project
What People Are Saying
Real discussions and resources from the community.
Quick Info
| Pricing | Free (open source); enterprise support from Venafi/CyberArk |
| Model | Open Source |
| Founded | 2017 |
| Cloud | No |
| Self-Hosted | Yes |
| Open Source | Yes |
| Rating | 4.7/5 |
Last updated: Apr 23, 2026