v1.14.4
cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
cert-manager 1.14 brings a variety of features, security improvements and bug fixes, including: support for creating X.509 certificates with "Other Name" fields, and support for creating CA certificates with "Name Constraints" and "Authority Information Accessors" extensions.
⚠️ Known Issues
- ACME Issuer (Let's Encrypt): wrong certificate chain may be used if preferredChain is configured: see release docs for more info and mitigations
ℹ️ Documentation
Release notes
Upgrade notes
Installation instructions
🔧 Breaking changes
See Breaking changes in v1.14.0 release notes
📜 Changes since v1.14.3
Bug or Regression
- Allow
cert-manager.io/allow-direct-injection
in annotations (#6809, @jetstack-bot) - BUGFIX: JKS and PKCS12 stores now contain the full set of CAs specified by an issuer (#6812, @jetstack-bot)
- BUGFIX: cainjector leaderelection flag/ config option defaults are missing (#6819, @jetstack-bot)
Other (Cleanup or Flake)
- Bump base images. (#6842, @inteon)
- Upgrade Helm: fix CVE-2024-26147 alert (#6834, @inteon)
- Upgrade go to 1.21.8: fixes CVE-2024-24783 (#6825, @jetstack-bot)
- Upgrade google.golang.org/protobuf: fixing GO-2024-2611 (#6829, @inteon)