Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improved the summary on the docs homepage #1071

Merged
merged 8 commits into from
Feb 16, 2024
Merged

Improved the summary on the docs homepage #1071

Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
cd640a8
Write a better introduction to the docs pages
wallrj Sep 7, 2022
0c60b9d
Link to the markdown files
wallrj Sep 8, 2022
812fc52
Apply suggestions from code review
wallrj Sep 8, 2022
457f879
Apply suggestions from code review
wallrj Feb 16, 2024
748075b
All X.509 certificates are signed and SSL is an obsolete term
wallrj Feb 16, 2024
6a8b228
Expand on the csi-driver and similar addons
wallrj Feb 16, 2024
bd2a79b
Move usage related summary below the configuration related summary
wallrj Feb 16, 2024
97f5bb2
Reflow the meta description
wallrj Feb 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 12 additions & 14 deletions content/docs/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,23 +1,21 @@
---
title: cert-manager
description: cert-manager documentation homepage
description: |
cert-manager creates TLS certificates for workloads in your Kubernetes or OpenShift cluster and renews the certificates before they expire.
---

cert-manager adds certificates and certificate issuers as resource types in
Kubernetes clusters, and simplifies the process of obtaining, renewing and
using those certificates.
cert-manager creates TLS certificates for workloads in your Kubernetes or OpenShift cluster
and renews the certificates before they expire.

It can issue certificates from a variety of supported sources, including
[Let's Encrypt](https://letsencrypt.org), [HashiCorp Vault](https://www.vaultproject.io),
and [Venafi](https://www.venafi.com/) as well as private PKI.
cert-manager can obtain certificates from a [variety of certificate authorities](configuration/issuers.md), including:
[Let's Encrypt](configuration/acme/README.md), [HashiCorp Vault](configuration/vault.md),
[Venafi](configuration/venafi.md) and [private PKI](configuration/ca.md).

It will ensure certificates are valid and up to date, and attempt to
renew certificates at a configured time before expiry.

It is loosely based upon the work of
[kube-lego](https://github.com/jetstack/kube-lego) and has borrowed some
wisdom from other similar projects such as
[kube-cert-manager](https://github.com/PalmStoneGames/kube-cert-manager).
SgtCoDFish marked this conversation as resolved.
Show resolved Hide resolved
With cert-manager's [Certificate resource](usage/certificate.md), the private key and certificate are stored in a Kubernetes Secret
which is mounted by an application Pod or used by an Ingress controller.
With [csi-driver](usage/csi-driver.md), [csi-driver-spiffe](usage/csi-driver-spiffe.md), or [istio-csr](usage/istio-csr.md) ,
the private key is generated on-demand, before the application starts up;
the private key never leaves the node and it is not stored in a Kubernetes Secret.

![High level overview diagram explaining cert-manager architecture](/images/high-level-overview.svg)

Expand Down
Loading