cert-manager is the most underappreciated tool on this list and probably already running in your Kubernetes cluster if your team set it up correctly. It automates the management and issuance of TLS certificates — primarily via Let's Encrypt — and eliminates the 'certificate expired at 2am on a Sunday' class of incident entirely. The value proposition is straightforward: instead of manually rotating certificates every 90 days across dozens of services, cert-manager handles the ACME challenge, cert issuance, and automatic renewal with zero human intervention. Every Kubernetes cluster running HTTPS services should have cert-manager installed. Setup time: ~30 minutes. Operational cost after setup: ~zero.
Comments on "cert-manager"
Create a free account or sign in to join the discussion.
Sign in to join the conversation