`cert-manager` is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources. Often times it’s necessary to use self-signed TLS certificates with in a kubernetes cluster (e.g. with `kiam`). Other times, it’s nice to have automated Let’s Encrypt (LE) certificates available for staging environments. With `cert-manager`, it’s easy to automatically provision and manage TLS certificates in Kubernetes. It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry. The `cert-manager` add-on will populate `Secrets` inside of Kubernetes that can be mounted into `Pod` resources.