1f5c393726
Change-Id: I5dbcc535505764ae5ed8f7b42745d0019dc1fb1e Signed-off-by: Suzana Fernandes <Suzana.Fernandes@windriver.com>
33 lines
1.0 KiB
ReStructuredText
33 lines
1.0 KiB
ReStructuredText
|
|
.. knu1588334826081
|
|
.. _security-cert-manager:
|
|
|
|
============
|
|
Cert Manager
|
|
============
|
|
|
|
|prod| integrates the open source project cert-manager (cert-manager.io).
|
|
Cert-manager is a native Kubernetes certificate management controller, that
|
|
supports certificate management with external |CAs|.
|
|
|
|
|prod| installs cert-manager and an nginx-ingress-controller in support of
|
|
http-01 challenges from |CAs|, at bootstrap time, so that cert-manager
|
|
services are available for hosted containerized applications by default.
|
|
|
|
.. warning::
|
|
|
|
The cert-manager is a mandatory application and cannot be removed using the
|
|
``system application-remove`` command . Forced removal of cert-manager (using
|
|
the ``-force`` option) deletes all certificates, leaving the system is an
|
|
unrecoverable state and requiring a system reinstall.
|
|
|
|
For more information on the cert-manager project, see
|
|
`http://cert-manager.io <http://cert-manager.io>`__.
|
|
|
|
**Related Information**
|
|
|
|
- :ref:`The cert-manager Bootstrap Process
|
|
<the-cert-manager-bootstrap-process>`
|
|
|
|
|