ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified developer tools Safety 3/5

k8s-certs

Kubernetes certificate management with cert-manager. Use when managing TLS certificates, configuring issuers, or troubleshooting certificate issues.

Why use this skill?

Simplify Kubernetes certificate management using the k8s-certs skill. Automate TLS issuance, monitor expiry, and troubleshoot cert-manager configurations easily.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/rohitg00/k8s-certs
Or

What This Skill Does

The k8s-certs skill provides a comprehensive interface for managing TLS certificates within Kubernetes clusters using the cert-manager operator. It empowers OpenClaw agents to perform lifecycle management of certificates, including automated issuance, renewal, and validation. By abstracting the complexity of Kubernetes manifest applications and status retrieval, this toolset allows for seamless handling of Let's Encrypt (staging and production) and self-signed certificate authorities. The skill acts as an intermediary between the user and the cluster, providing deep visibility into Issuer health, CertificateRequest status, and deployment configurations.

Installation

To integrate this capability into your OpenClaw environment, use the following CLI command: clawhub install openclaw/skills/skills/rohitg00/k8s-certs Ensure that you have an active context connected to a Kubernetes cluster where cert-manager is already installed or configured for deployment.

Use Cases

  • Automated TLS Provisioning: Quickly set up production-ready HTTPS for web services using Let's Encrypt ACME solvers.
  • Certificate Auditing: Automatically fetch and verify the expiry dates and status of existing ingress certificates to prevent downtime.
  • Troubleshooting Connectivity: Debug SSL/TLS handshake failures by inspecting the specific state of CertificateRequests and associated ClusterIssuer configuration.
  • Environment Promotion: Easily toggle between staging and production certificate issuers when deploying applications across different cluster environments.

Example Prompts

  1. "Check the status of the 'web-api-tls' certificate in the production namespace and tell me when it is scheduled to expire."
  2. "Set up a new production ClusterIssuer using Let's Encrypt with the email [email protected] for our nginx-based ingress."
  3. "My certificate for app.example.com is stuck in a 'Not Ready' state; please investigate the logs and recent certificate requests to identify the issue."

Tips & Limitations

  • Prerequisites: This skill assumes cert-manager is configured in your cluster. If missing, verify the installation using the certmanager_detect_tool.
  • Debugging: When a certificate remains 'Not Ready', always start by checking the associated CertificateRequest objects, as they often contain descriptive error messages regarding DNS challenges or connectivity issues.
  • Rate Limits: Be mindful of Let's Encrypt rate limits when testing. Always use the staging environment issuer for initial configuration and debugging before switching to the production issuer.
  • RBAC: Ensure the OpenClaw service account has sufficient permissions to apply manifests and describe resources within the target namespaces.
Read Full Documentation on GitHub

Metadata

Author@rohitg00
Stars1133
Views0
Updated2026-02-18
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-rohitg00-k8s-certs": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags(AI)

#kubernetes#tls#devops#cert-manager#infrastructure
Safety Score: 3/5

Flags: code-execution, external-api

Related Skills

k8s-autoscaling

Configure Kubernetes autoscaling with HPA, VPA, and KEDA. Use for horizontal/vertical pod autoscaling, event-driven scaling, and capacity management.

rohitg00 1133

k8s-multicluster

Manage multiple Kubernetes clusters, switch contexts, and perform cross-cluster operations. Use when working with multiple clusters, comparing environments, or managing cluster lifecycle.

rohitg00 1133

k8s-backup

Kubernetes backup and restore with Velero. Use when creating backups, restoring applications, managing disaster recovery, or migrating workloads between clusters.

rohitg00 1133

k8s-browser

Browser automation for Kubernetes dashboards and web UIs. Use when interacting with Kubernetes Dashboard, Grafana, ArgoCD UI, or other web interfaces. Requires MCP_BROWSER_ENABLED=true.

rohitg00 1133

k8s-capi

Cluster API lifecycle management for provisioning, scaling, and upgrading Kubernetes clusters. Use when managing cluster infrastructure or multi-cluster operations.

rohitg00 1133