cert-manager External Issuer plugin for Cosmian KMS

## Summary

Implement a cert-manager External Issuer plugin so that Kubernetes workloads can request and auto-renew certificates from the Cosmian KMS CA directly through standard cert-manager `Certificate` resources.

## Impact

- Without this plugin, Kubernetes applications cannot use Cosmian as their certificate authority through cert-manager
- Forces users to implement custom certificate renewal logic
- Blocks adoption in Kubernetes-first environments where cert-manager is the standard PKI integration layer

## Implementation plan

New external Go repository `cosmian/cert-manager-issuer`:
- Implements the cert-manager External Issuer API (controller + CRD)
- Routes `CertificateRequest` resources to the Cosmian ACME endpoint (see #860) or directly to the KMIP Certify operation
- Deployed as a Kubernetes `Deployment` alongside cert-manager

**Effort**: Medium (new repo) | Requires #860 (ACME endpoint)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

cert-manager External Issuer plugin for Cosmian KMS #888

Summary

Impact

Implementation plan

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

cert-manager External Issuer plugin for Cosmian KMS #888

Description

Summary

Impact

Implementation plan

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions