github cert-manager/cert-manager v1.4.0-alpha.0

latest releases: v1.9.1, v1.9.0, v1.9.0-beta.1...
pre-release15 months ago

Changelog since v1.3.0

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

  • The CA issuer now attempts to store the root CA instead of the issuing CA into the ca.crt field for issued certificates; this is a change of behavior. All of the information which was previously available is still available: the intermediate should appear as part of the chain in tls.crt. (#3865, @erikgb)

Changes by Kind


  • Add support for routing ACME HTTP01 challenges using Istio VirtualService CRs. (#3724, @inteon)
  • The webhook can now be configured to be accessible from outside of the cluster. (#3876, @anton-johansson)


  • Add a vulnerability reporting process in (#3818, @SgtCoDFish)
  • Add both style info and warnings about importing cert-manager as a module to README (#3902, @SgtCoDFish)

Bug or Regression

  • Fix RFC2136 DNS-01 challenges with multiple DNS names (#3622, @foosinn)
  • Fix incorrect PublicKeysEqual comparison function for public keys and improve doc comments on related functions (#3914, @SgtCoDFish)
  • Fixes Helm upgrade issue (#3882, @irbekrm)
  • Set the Ready condition to False when a CertificateRequest has been denied for all CertificateRequests that reference a signer (#3878, @JoshVanL)

Other (Cleanup or Flake)

  • Deprecate Issuer.spec.acme.externalAccountBinding.keyAlgorithm field. EAB MAC algorithm is now hardcoded to HS256. (#3877, @irbekrm)
  • Removes legacy util functions for issuer generation from test/e2e/util/util.go. Use functions in test/unit/gen/issuer.go instead. (#3873, @irbekrm)
  • Updated details of FindZoneByFqdn error message when an unexpected DNS response code is received. (#3906, @clatour)



  • d4c1975
  • 269d4d4
  • 7de9c90
  • 328c3a3
  • 4502960


  • 5f8ba28 → v0.9.4
  • c890458 → e18ecbb
  • ed371f2 → f84b799
  • v1.27.0 → v1.28.1


  • 6ca9aec

Don't miss a new cert-manager release

NewReleases is sending notifications on new releases.