Allow controller to issue certificates into cert manager instead of secrets

[Embraser01]

The idea would be to use another storage adapter that would create cert-manager certificates.
Coupled with a new configuration that would create self-signed certificates, it could manage internal certificates of a k8s cluster

More infos here: https://twitter.com/ahmetb/status/1549596091380682757

[mholt]

Could cert-manager be eliminated altogether?

[ahmetb]

I think my motive is to have self-signed certificates placed into a Kubernetes Secret object for my Kubernetes admission webhook to read from (or have an ingress like caddy in front do this) as well as the component update the MutatingWebhookConfiguration / ValidatingWebhookConfiguration objects' caBundle fields with the self-signed cert's CA cert as it is provisioned/renewed.

I'm not entirely sure if this is any interesting to Caddy's ingress as I think this use case can be achieved without an ingress as well.

[Embraser01]

Could cert-manager be eliminated altogether?

Don't think so. We could add an option to let caddy act as an issuer for certmanager, but we would still need the certmanager controller to handle most of the logic (which is complex: https://cert-manager.io/docs/concepts/certificate/)