From d25ab57204c3b01b653a20c59b90c82440344359 Mon Sep 17 00:00:00 2001 From: Fang-Pen Lin Date: Mon, 24 Nov 2025 11:17:40 -0800 Subject: [PATCH] Update docs --- docs/docs.json | 2 +- .../getting-started/concepts/client-integrations.mdx | 2 +- .../platform/pki/integration-guides/gloo-mesh.mdx | 2 +- .../pki/{pki-issuer.mdx => k8s-cert-manager.mdx} | 9 ++++++--- 4 files changed, 9 insertions(+), 6 deletions(-) rename docs/documentation/platform/pki/{pki-issuer.mdx => k8s-cert-manager.mdx} (94%) diff --git a/docs/docs.json b/docs/docs.json index 57f44596fd..8da9a2a280 100644 --- a/docs/docs.json +++ b/docs/docs.json @@ -752,7 +752,7 @@ { "group": "Infrastructure Integrations", "pages": [ - "documentation/platform/pki/pki-issuer", + "documentation/platform/pki/k8s-cert-manager", "documentation/platform/pki/integration-guides/gloo-mesh", "documentation/platform/pki/integration-guides/windows-server-acme", "documentation/platform/pki/integration-guides/nginx-certbot", diff --git a/docs/documentation/getting-started/concepts/client-integrations.mdx b/docs/documentation/getting-started/concepts/client-integrations.mdx index bcd9358306..2a575039ab 100644 --- a/docs/documentation/getting-started/concepts/client-integrations.mdx +++ b/docs/documentation/getting-started/concepts/client-integrations.mdx @@ -24,7 +24,7 @@ Infisical offers a non-exhaustive set of clients and interfaces to support a wid - [External Secrets Operator (ESO)](https://external-secrets.io/latest/provider/infisical): Allows Infisical to act as a backend provider for syncing secrets into Kubernetes `Secret` objects using the widely adopted External Secrets Operator. -- [Kubernetes PKI Issuer](/documentation/platform/pki/pki-issuer): A controller that issues X.509 certificates from Infisical PKI using the cert-manager Issuer and Certificate CRDs. +- [Kubernetes PKI Issuer](/documentation/platform/pki/k8s-cert-manager): A controller that issues X.509 certificates from Infisical PKI using the cert-manager Issuer and Certificate CRDs. - [Secret Syncs](/integrations/secret-syncs/overview): Native integrations to forward secrets to services like GitHub, GitLab, AWS Secrets Manager, Vercel, and more. diff --git a/docs/documentation/platform/pki/integration-guides/gloo-mesh.mdx b/docs/documentation/platform/pki/integration-guides/gloo-mesh.mdx index d1f1273fd0..0f312af011 100644 --- a/docs/documentation/platform/pki/integration-guides/gloo-mesh.mdx +++ b/docs/documentation/platform/pki/integration-guides/gloo-mesh.mdx @@ -25,7 +25,7 @@ When you deploy a `Certificate` CRD in your workload cluster, `cert-manager` use Infisical verifies the request against your certificate templates and returns the signed certificate. From there, Istio's control plane will automatically use this intermediate CA to sign leaf certificates for workloads in the service mesh, enabling secure mTLS communication across your entire Gloo Mesh infrastructure. -Follow the [Infisical PKI Issuer guide](/documentation/platform/pki/pki-issuer) for detailed instructions on how to set up the Infisical PKI Issuer and cert-manager for your Istio intermediate CA certificates in Gloo Mesh clusters. +Follow the [Kubernetes Cert Manager guide](/documentation/platform/pki/k8s-cert-manager) for detailed instructions on how to set up the Infisical PKI Issuer and cert-manager for your Istio intermediate CA certificates in Gloo Mesh clusters. For Gloo Mesh-specific configuration, ensure that: diff --git a/docs/documentation/platform/pki/pki-issuer.mdx b/docs/documentation/platform/pki/k8s-cert-manager.mdx similarity index 94% rename from docs/documentation/platform/pki/pki-issuer.mdx rename to docs/documentation/platform/pki/k8s-cert-manager.mdx index a1d07c98bb..a5c9f81432 100644 --- a/docs/documentation/platform/pki/pki-issuer.mdx +++ b/docs/documentation/platform/pki/k8s-cert-manager.mdx @@ -1,13 +1,16 @@ --- -title: "Kubernetes Issuer" +title: "Kubernetes cert-manager" description: "Learn how to automatically provision and manage TLS certificates in Kubernetes using Infisical PKI" --- ## Concept -The Infisical PKI Issuer is an installable Kubernetes [cert-manager](https://cert-manager.io/) controller that uses Infisical PKI to sign certificate requests. The issuer is perfect for getting X.509 certificates for ingresses and other Kubernetes resources and capable of automatically renewing certificates as needed. +The Infisical PKI provides [ACME (Automated Certificate Management Environment)](https://en.wikipedia.org/wiki/Automatic_Certificate_Management_Environment) integration for various of ACME clients to issue and renew certificates automatically. +Under Kubernetes environment, [cert-manager](https://cert-manager.io) is the most popular issuer to issue certificates via ACME. +The issuer is perfect for getting X.509 certificates for ingresses and other Kubernetes resources and capable of automatically renewing certificates as needed. -As part of the workflow, you install `cert-manager`, the Infisical PKI Issuer, and configure resources to represent the connection details to your Infisical PKI and the certificates you wish to issue. Each issued certificate and corresponding private key is made available in a Kubernetes secret. +As part of the workflow, you install `cert-manager` and configure resources to represent the connection details to your Infisical PKI and the certificates you wish to issue. +Each issued certificate and corresponding private key is made available in a Kubernetes secret. We recommend reading the [cert-manager documentation](https://cert-manager.io/docs/) for a fuller understanding of all the moving parts.