Solutions
Audit & Optimization Platform Design Automation Team Structure
Documentation Blog
Get Started
Secrets 2025

Cert Manager 1.15: Enhanced TLS Certificate Management

K8s Guru
2 min read
#cert-manager #tls #certificates #acme #security #kubernetes
Cert Manager 1.15: Enhanced TLS Certificate Management

Table of Contents

Introduction

Certificate automation only becomes “boring” after you’ve had the painful outage: a cert expires on a weekend, renewals silently fail, and suddenly your ingress is returning TLS errors even though pods are “healthy.”

Cert Manager 1.15, released on August 20, 2025, tightens the day-2 experience around ACME issuance, renewal/rotation behavior, and observability—so certificate management is more predictable, diagnosable, and resilient.

Why this matters in practice

  • Fewer renewal surprises: improved challenge handling and rotation behavior reduces “expired cert” incident risk.
  • Cleaner root-cause: better events/metrics/logging make issuance failures easier to debug.
  • Broader issuer options: expanded issuer support helps when ACME isn’t the only CA in your organization.

ACME Improvements

  • Challenge enhancements provide more reliable certificate issuance with improved retry logic.
  • DNS-01 solver improvements support more DNS providers and better error handling.
  • HTTP-01 solver enhancements provide better integration with ingress controllers.
  • Rate limiting handling improves behavior when encountering ACME provider rate limits.

Certificate Rotation

  1. Automatic rotation ensures certificates are renewed before expiration without manual intervention.
  2. Pre-renewal window configuration allows fine-tuning of renewal timing.
  3. Rotation notifications provide alerts when certificates are being rotated.
  4. Rollback capabilities enable recovery from failed certificate rotations.

Enhanced Observability

  • Metrics expansion provides detailed metrics for certificate lifecycle events.
  • Events improvements provide better visibility into certificate operations.
  • Logging enhancements enable better troubleshooting of certificate issues.
  • Status reporting provides comprehensive information about certificate health.

Issuer Support

  • New issuers support additional certificate authorities and providers.
  • Vault integration improvements provide better integration with HashiCorp Vault.
  • Cloud provider issuers enable native integration with cloud certificate services.
  • Custom issuers allow integration with any certificate authority through extensible APIs.

Getting Started

# Install cert-manager
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.15.0/cert-manager.yaml

Summary

AspectDetails
Release DateAugust 20, 2025
Headline FeaturesACME improvements, certificate rotation, enhanced observability, issuer support
Why it MattersDelivers comprehensive TLS certificate management with improved reliability and ease of operation

Cert Manager 1.15 continues to be the leading solution for automated TLS certificate management on Kubernetes, ensuring secure communication for all services.