Trust Manager overview

Trust Manager is a Kubernetes operator for Next-Gen Trust Security that combines trusted X.509 certificates into bundles that your applications can use for TLS validation. Trust Manager works alongside cert-manager but can also operate independently.

Trust Manager provides the following key benefits:

  • Combines certificates from multiple sources including ConfigMaps, Secrets, inline PEM certificates, and a default bundle of publicly trusted CAs, using the cluster-scoped Bundle custom resource.
  • Distributes trust bundles across namespaces through ConfigMap or Secret targets, with namespace selectors to control which namespaces receive the bundle.
  • Supports multiple output formats including PEM, JKS, and PKCS#12 for compatibility with different application trust stores.

By using Trust Manager, your applications can validate TLS certificates against a consistent, centrally managed set of trusted CAs.
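
The sources, targets, and output formats listed above, combined in a single Bundle manifest. This is an added example, not taken from the product documentation: it assumes Trust Manager accepts the Bundle schema of the open-source cert-manager trust-manager project (`trust.cert-manager.io/v1alpha1`), and every resource name, key, and label in it is hypothetical.

```yaml
# Added example. Assumes the open-source trust-manager Bundle schema;
# all names, keys, and labels below are hypothetical.
apiVersion: trust.cert-manager.io/v1alpha1
kind: Bundle
metadata:
  name: app-trust-bundle        # Bundle is cluter-scoped in intent: no namespace field
spec:
  sources:
    # Default bundle of publicly trusted CAs. Leave this out if workloads
    # should trust only your private CAs.
    - useDefaultCAs: true
    # CA certificate read from a ConfigMap.
    - configMap:
        name: corp-root-ca
        key: ca.crt
    # CA certificate read from a Secret. Only the public certificate is
    # needed in a trust bundle; do not point this at a key holding a private key.
    - secret:
        name: partner-ca
        key: ca.crt
    # Inline PEM certificate. The body is a placeholder to replace with a real CA.
    - inLine: |
        -----BEGIN CERTIFICATE-----
        <PEM body of your CA certificate, placeholder>
        -----END CERTIFICATE-----
  target:
    # Each selected namespace receives a ConfigMap named after the Bundle,
    # holding the combined PEM under this key.
    configMap:
      key: trust-bundle.pem
    # Extra encodings of the same certificates for Java and PKCS#12 trust stores.
    additionalFormats:
      jks:
        key: trust-bundle.jks
      pkcs12:
        key: trust-bundle.p12
    # Restrict distribution to namespaces that opt in with this label.
    # Without a selector the bundle is written to every namespace.
    namespaceSelector:
      matchLabels:
        trust-bundle: enabled
```

Anyone who can edit the Bundle or its source objects controls which CAs the selected workloads trust, so write access to both should be limited by RBAC.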

What's next?

To get started, install Trust Manager in your cluster. Then, follow the quick start guide to create your first Bundle.