Solutions
Audit & Optimization Platform Design Automation Team Structure
Documentation Blog
Get Started
Secrets 2023

cert-manager 1.13: Automated TLS Certificate Management Enhancements

K8s Guru
2 min read
#cert-manager #tls #certificates #security #kubernetes #acme
cert-manager 1.13: Automated TLS Certificate Management Enhancements

Table of Contents

Introduction

cert-manager 1.13, released on September 25, 2023, is most relevant if you’re hardening clusters without turning every deploy into a support ticket. The real value is in rollout safety: tighter controls with fewer false positives, clearer policy outcomes, and smoother day-2 response when something is blocked.

ACME Improvements

  • Let’s Encrypt integration improvements provide better reliability and performance.
  • ACME v2 support ensures compatibility with modern ACME protocol implementations.
  • DNS-01 challenge improvements enable better certificate issuance for wildcard domains.
  • HTTP-01 challenge enhancements simplify certificate issuance for standard domains.

Issuer Enhancements

  1. Cloud provider issuers expand support for AWS, Azure, GCP, and other cloud certificate services.
  2. Vault integration improvements enable better integration with HashiCorp Vault PKI.
  3. Self-signed certificates support enables development and testing scenarios.
  4. Custom issuers enable integration with enterprise certificate authorities.

Security & Reliability

  • Certificate rotation improvements ensure certificates are renewed before expiration.
  • Key management enhancements provide better security for private keys.
  • Certificate validation ensures certificates meet security requirements before use.
  • Audit logging tracks all certificate issuance and renewal events.

Getting Started

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.0/cert-manager.yaml

Create a ClusterIssuer:

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: [email protected]
    privateKeySecretRef:
      name: letsencrypt-prod
    solvers:
    - http01:
        ingress:
          class: nginx

Summary

AspectDetails
Release DateSeptember 25, 2023
Headline FeaturesACME improvements, issuer enhancements, security features
Why it MattersDelivers automated TLS certificate management with enhanced ACME and issuer support

cert-manager 1.13 provides teams with comprehensive TLS certificate management capabilities with improved ACME and issuer support.