Skip to content

Introduction to the Certificates Service

The Certificates service automates the entire lifecycle of your TLS certificates, ensuring that your applications are always served securely over HTTPS without manual intervention. By handling the issuance, renewal, and configuration of certificates, this service enhances your security posture and eliminates the risk of outages caused by expired certificates.

Manually managing TLS certificates—requesting, validating, installing, and renewing them—is a complex and error-prone process. An expired certificate can bring down a production service, damage user trust, and cause a fire drill for your team.

The Certificates service solves this problem by providing a fully automated, "set-it-and-forget-it" solution for certificate management directly within your Kubernetes cluster.

Our managed service is built on cert-manager, the de-facto standard and open-source tool for managing TLS certificates in Kubernetes.

Features

  • Automated Certificate Issuance: Automatically request trusted TLS certificates from public Certificate Authorities like Let's Encrypt.
  • Automatic Renewals: The service continuously monitors your certificates and automatically renews them well before they expire, preventing outages.
  • Seamless Ingress Integration: Works seamlessly with Ingress controllers. Add an annotation to your Ingress resource, and the service will automatically secure your application with a valid TLS certificate.
  • Support for Private CAs: The service can also be configured to issue certificates from your own private Certificate Authorities for internal services.
  • Fully Managed: We handle the installation, configuration, and maintenance of the cert-manager components, ensuring a reliable and secure certificate management workflow.

Tip

For general information about pricing, legal or support concerning the platform, services or components, consult your contract or see the contact page.