Skip to content

Installing and Verifying a Certificate Manager

Before proceeding with certificate management, it's crucial to ensure that a certificate manager is installed in your cluster. This section guides you through checking for an existing installation and installing cert-manager if necessary.

Check for an Existing cert-manager Installation

First, verify if cert-manager is already installed in your cluster, by running:

kubectl get pods -n cert-manager

If cert-manager is installed, you should see pods running with names like cert-manager, cert-manager-cainjector, and cert-manager-webhook. If you see these pods, you can skip the installation step.

If cert-manager is not installed, you will see a message similar to the following:

$ kubectl get pods -n cert-manager
No resources found in cert-manager namespace.

Installing cert-manager

If cert-manager is not present, follow these steps to install it:

  1. Add the Jetstack Helm repository:
helm repo add jetstack https://charts.jetstack.io --force-update
helm repo update
  1. Install cert-manager using Helm:
helm install cert-manager jetstack/cert-manager \
  --namespace cert-manager \
  --create-namespace \
  --set crds.enabled=true
  1. After installation, verify that cert-manager is running correctly:

Check the pod status:

kubectl get pods -n cert-manager

All pods should show a Running status. Example:

$ kubectl get pods -n cert-manager
NAME                                       READY   STATUS    RESTARTS   AGE
cert-manager-6794b8d569-x9v69              1/1     Running   0          10m
cert-manager-cainjector-7f69cd69f7-r68rl   1/1     Running   0          10m
cert-manager-webhook-6cc5dccc4b-5kgfn      1/1     Running   0          10m

Verify the API readiness:

kubectl get apiservice v1.cert-manager.io

The AVAILABLE column should show True. Example:

$ kubectl get apiservice v1.cert-manager.io
NAME                 SERVICE   AVAILABLE   AGE
v1.cert-manager.io   Local     True        10m

Alternative cert-manager Installation Methods

For alternative installation methods or more detailed instructions, refer to the official cert-manager documentation.