This is a cache of https://docs.openshift.com/container-platform/4.17/security/cert_manager_operator/cert-manager-operator-release-notes.html. It is a snapshot of the page at 2024-11-26T06:36:37.646+0000.
cert-manager Operator for Red Hat OpenShift release notes - cert-manager Operator for Red Hat OpenShift | Security and compliance | OpenShift Container Platform 4.17
×

The cert-manager Operator for Red Hat OpenShift is a cluster-wide service that provides application certificate lifecycle management.

These release notes track the development of cert-manager Operator for Red Hat OpenShift.

cert-manager Operator for Red Hat OpenShift 1.14.1

Issued: 2024-11-04

The following advisory is available for the cert-manager Operator for Red Hat OpenShift 1.14.1:

Version 1.14.1 of the cert-manager Operator for Red Hat OpenShift is based on the upstream cert-manager version v1.14.7. For more information, see the cert-manager project release notes for v1.14.7.

cert-manager Operator for Red Hat OpenShift 1.14.0

Issued: 2024-07-08

The following advisory is available for the cert-manager Operator for Red Hat OpenShift 1.14.0:

Version 1.14.0 of the cert-manager Operator for Red Hat OpenShift is based on the upstream cert-manager version v1.14.5. For more information, see the cert-manager project release notes for v1.14.5.

New features and enhancements

FIPS compliance support

With this release, FIPS mode is now automatically enabled for cert-manager Operator for Red Hat OpenShift. When installed on an OpenShift Container Platform cluster in FIPS mode, cert-manager Operator for Red Hat OpenShift ensures compatibility without affecting the cluster’s FIPS support status.

Securing routes with cert-manager managed certificates (Technology Preview)

With this release, you can manage certificates referenced in Route resources by using the cert-manager Operator for Red Hat OpenShift. For more information, see Securing routes with the cert-manager Operator for Red Hat OpenShift.

NCM issuer

The cert-manager Operator for Red Hat OpenShift now supports the Nokia NetGuard certificate Manager (NCM) issuer. The ncm-issuer is a cert-manager external issuer that integrates with the NCM PKI system using a Kubernetes controller to sign certificate requests. This integration streamlines the process of obtaining non-self-signed certificates for applications, ensuring their validity and keeping them updated.

The NCM issuer is validated only with version 1.1.1 and the cert-manager Operator for Red Hat OpenShift version 1.14.0. This version handles tasks such as issuance, renewal, and managing certificates for the API server and ingress controller of OpenShift Container Platform clusters.

cert-manager Operator for Red Hat OpenShift 1.13.1

Issued: 2024-05-15

The following advisory is available for the cert-manager Operator for Red Hat OpenShift 1.13.1:

Version 1.13.1 of the cert-manager Operator for Red Hat OpenShift is based on the upstream cert-manager version v1.13.6. For more information, see the cert-manager project release notes for v1.13.6.

cert-manager Operator for Red Hat OpenShift 1.13.0

Issued: 2024-01-16

The following advisory is available for the cert-manager Operator for Red Hat OpenShift 1.13.0:

Version 1.13.0 of the cert-manager Operator for Red Hat OpenShift is based on the upstream cert-manager version v1.13.3. For more information, see the cert-manager project release notes for v1.13.0.

New features and enhancements

  • You can now manage certificates for API Server and Ingress Controller by using the cert-manager Operator for Red Hat OpenShift. For more information, see Configuring certificates with an issuer.

  • With this release, the scope of the cert-manager Operator for Red Hat OpenShift, which was previously limited to the OpenShift Container Platform on AMD64 architecture, has now been expanded to include support for managing certificates on OpenShift Container Platform running on IBM Z® (s390x), IBM Power® (ppc64le) and ARM64 architectures.

  • With this release, you can use DNS over HTTPS (DoH) for performing the self-checks during the ACME DNS-01 challenge verification. The DNS self-check method can be controlled by using the command line flags, --dns01-recursive-nameservers-only and --dns01-recursive-nameservers. For more information, see Customizing cert-manager by overriding arguments from the cert-manager Operator API.