Cert Exporter Guides

This guide covers how to ensure your custom certificates are monitored. For deeper technical details on how the exporter parses certificates, refer to the official Cert Exporter documentation.

Monitoring Certificates in Secrets

If you have a Kubernetes Secret that contains TLS certificates (for example, a custom Postgres secret), you must explicitly annotate it so the Cert Exporter knows to monitor it.

To do this, add the following annotation to your Secret's metadata:

Annotation Key: cert-manager.io/certificate-name
Annotation Value: <your-certificate-name>

Once this annotation is applied, the Cert Exporter will automatically extract the certificates from the secret and begin tracking their expiration dates.

Monitoring Certificates in Secrets​

Monitoring Certificates in Secrets