cert-manager is an open-source X.509 certificate controller for Kubernetes, designed to automate certificate management. In this session, we’ll explore how to configure cert-manager and its subprojects for large-scale certificate management.

At the scale of our production setup, managing and requesting certificates cannot be centralized and self-service is required. A self-service multi-tenant setup requires isolation between tenants, must support tenant-specific trust, and must be able to enforce security policies at scale.

We'll make use of key cert-manager subprojects including trust-manager, approver-policy, and csi-driver to simplify these challenges. You’ll walk away knowing how to use cert-manager in multi-tenant setups, leaving you free to focus on your all-important business logic!