Cert-manager, an open-source Kubernetes add-on that can automate the management and issuance of TLS certificates from various issuing sources, has become a CNCF incubating project. 

The project can ensure that certificates are up-to-date and can renew certificates before expiration to run highly secure, encrypted data communications using TLS. 

“cert-manager is probably one of the first applications you install on a Kubernetes cluster. The cert-manager maintainers aim to make this first experience as smooth as possible, while supporting the advanced use cases through our accompanying components, like csi-driver and approver-policy,” said Tim Ramlot, software engineer at Jetstack and cert-manager maintainer.

The project consists of the cert-manager controller, which lets users create certificates backed by K8s Secrets, the CSI driver library that enables users to build opinionated CSI drivers that deliver certificate key pairs to Pods in Kubernetes, as well as Issuers, Approval API, and trust-manager. 

Additional details about cert-manager are available here.