Skip to content
Manage Lets Encrypt certificates for a Kubernetes cluster.
Branch: master
Clone or download

Kubernetes Certificate Manager

This is not an official Google Project.


  • Manage Kubernetes TLS secrets backed by Let's Encrypt issued certificates.
  • Manage Let's Encrypt issued certificates based on Kubernetes ThirdParty Resources.
  • Domain validation using ACME dns-01 challenges.
  • Support for multiple DNS providers via dns-01 exec plugins

The secrets created by the Kubernetes Certificate Manager can be used to configure any TLS terminating load balancer.

Project Goals

  • Demonstrate how to build custom Kubernetes controllers.
  • Demonstrate how to use Kubernetes Third Party Resources.
  • Demonstrate how to interact with the Kubernetes API (watches, reconciliation, etc).
  • Demonstrate how to write great documentation for Kubernetes add-ons and extensions.
  • Promote the usage of Let's Encrypt for securing web applications running on Kubernetes.

Popular Forks

The Kubernetes Certificate Manager has inspired many projects which have added new features and additional domain validation methods.


  • Kubernetes 1.3+
  • A registered DNS domain hosted by a supported DNS provider



You can’t perform that action at this time.