Cert-Manager Now Part of The CNCF Sandbox Family as Jetstack Completes Donation


Cloud native infrastructure builder Jetstack announces its successful donation of the cert-manager project to the Linux Foundation’s Cloud Native Computing Foundation as a “sandbox” project. The donation has been eagerly accepted, and cert-manager is expected to revolutionize the security offered to the Kubernetes community, specifically in the domain of certificate management.

The new cert-manager API makes it more mature and powerful
The new cert-manager API makes it more mature and powerful
Key Facts
  1. 1

    Jetstack’s cert-manager is a state-of-the-art Kubernetes certificate management controller. It is used to manage X.509 machine identities in OpenShift and Kubernetes.

  2. 2

    Jetstack’s decision to donate cert-manager stems from their belief that technology like cert-manager can be better-utilized and more effective when managed and operated by a vendor-neutral party like the CNFC.

  3. 3

    CNFC provides Kubernetes and open source support to a variety of organizations, non-profits, government agencies, and academic institutions worldwide. This makes the cert-manager donation especially useful in preserving the security of vast arrays of projects built by the community.

  4. 4

    Cert-manager supports the entire certificate lifecycle and enables the signing of certificates by public and private signatories/authorities such as Let’s Encrypt.

  5. 5

    Cert-manager has been built and grown by a dedicated team of Jetstack’s top engineers and over 260+ highly-experienced developers and engineers.


Jetstack is mainly a Kubernetes professional services company founded in 2015 and recently acquired by Venafi, a security company specialized in different areas mainly machine identity. According to the Venafi:

The combination of speed and security creates an interesting dilemma. How do you build software quick enough to compete, without the risk of being exploited? This is the challenge that Jetstack and Venafi will solve.

Back to cert-manager, Jetstack recently announced the release of the v1 API for this tool, which made the technology more mature and powerful. This release allows developers to have greater visibility and control over their certificates.

Currently, the Venafi+Jetsack team has been working towards integrating Google's new Certificate Authority Service (CAS) with cert-manager. This will offer developers private CA keys as a service, using HSMs, which are validated at FIPS 140-2 Level 3.

It’s exciting to see cert-manager join the CNCF Sandbox. It’s been several years in the making to get to 1.0, and we’re hugely thankful to a community of over 250 contributors, and many end-users, to get it to where it is today. This is a foundational add-on to many Kubernetes and OpenShift clusters, and the project will benefit from being part of the CNCF and its ecosystem. We look forward to attracting a diverse contributor base and extending our partnership and cooperation with many other projects to further enhance the developer and operator experience.
Matthew Bates
Co-founder and CTO, Jetstack

Get similar stories in your inbox weekly, for free

Is this news interesting? Share it with your followers

Latest stories

What You Should Know About Serverless Databases

Serverless databases are used by organizations that are either fully transitioned or are still transitioning …

200 Million Certificates in 24 Hours

Let's Encrypt has been providing free Certificate Authority (CA) for websites in need of them …

Gatling VS K6

Gatling and K6 are performance load testing tools, and they are both open source, easy …

Red Hat Ansible Platform 1 vs 2; What’s the Difference?

Red Hat Ansible is a platform used by enterprises to manage, unify and execute infrastructure …

Domino Data Labs Raised $100 Million in the Latest Funding Round

Culled from the news released by Domino Data labs on funding and the company's progress …

New Release: The Microsoft Azure Purview Is Now Available on General Availability

News report detailing the announcement of the release of Azure purview on GA