docs: Mark certManager as non-experimental

Author: Techassi

docs/modules/secret-operator/pages/secretclass.adoc

@@ -148,17 +148,16 @@ spec:
 `autoTls.maxCertificateLifetime`:: Maximum lifetime the created certificates are allowed to have. In case consumers request a longer lifetime than allowed by this setting, the lifetime will be the minimum of both.
 
 [#backend-certmanager]
-=== `experimentalCertManager`
+=== `certManager`
 
 *Format*: xref:#format-tls-pem[]
 
 *TrustStore*: No
 
 Injects a TLS certificate issued by {cert-manager}[Cert-Manager].
 
-WARNING: This backend is experimental, and subject to change.
-
-NOTE: This backend requires {cert-manager}[Cert-Manager] to already be installed and configured.
+NOTE: This backend was marked as non-experimental in SDP 25.11.0.
+      This backend requires {cert-manager}[Cert-Manager] to already be installed and configured.
 
 A new certificate will be requested the first time it is used by a Pod, it will be reused after that (subject to Cert-Manager's renewal rules).
 
@@ -167,15 +166,15 @@ Node-scoped requests will cause a Pod to become "sticky" to the Node that it was
 [#backend-certmanager-certificate-key-pair-generation]
 ==== `TLS certificate key pair generation`
 
-Currently, only RSA is supported in the `experimentalCertManager` backend.
+Currently, only RSA is supported in the `certManager` backend.
 You can however configure the key length for generated private keys. If not specified it will default to `2048` bits.
 
 ----
 include::example$secretclass-certmanager-key-length.yaml[]
 ----
-<1> `experimentalCertManager.ca.keyGeneration` specifies which algorithm and additional parameters are used
-<2> `experimentalCertManager.ca.keyGeneration.rsa` specifies the RSA key pair algorithm (RSA currently is the only one supported)
-<3> `experimentalCertManager.ca.keyGeneration.rsa.length` specifies the amount of bits used for generating the RSA key pair. Currently, `2048`, `3072` and `4096` are supported. Defaults to `2048` bits.
+<1> `certManager.ca.keyGeneration` specifies which algorithm and additional parameters are used
+<2> `certManager.ca.keyGeneration.rsa` specifies the RSA key pair algorithm (RSA currently is the only one supported)
+<3> `certManager.ca.keyGeneration.rsa.length` specifies the amount of bits used for generating the RSA key pair. Currently, `2048`, `3072` and `4096` are supported. Defaults to `2048` bits.
 
 CAUTION
 ====
@@ -193,7 +192,7 @@ If options higher than `2048` are chosen, the CPU resources for the issuer may n
 ----
 spec:
   backend:
-    experimentalCertManager:
+    certManager:
       issuer:
         kind: Issuer
         name: secret-operator-demonstration
@@ -203,14 +202,14 @@ spec:
           length: 4096
 ----
 
-`experimentalCertManager`:: Declares that the `experimentalCertManager` backend is used.
-`experimentalCertManager.issuer`:: The reference to the Cert-Manager issuer that should issue the certificates.
-`experimentalCertManager.issuer.kind`:: The kind of the Cert-Manager issuer, either Issuer or ClusterIssuer. Note that Issuer must be in the same namespace as the Pod requesting the secret.
-`experimentalCertManager.issuer.name`:: The name of the Issuer or ClusterIssuer to be used.
-`experimentalCertManager.defaultCertificateLifetime`:: The default duration of the certificates. This may need to be increased for backends that impose stricter rate limits, such as https://letsencrypt.org/[Let's Encrypt].
-`experimentalCertManager.keyGeneration`:: Configures how keys should be generated.
-`experimentalCertManager.keyGeneration.rsa`:: Declares that keys should be generated using the RSA algorithm.
-`experimentalCertManager.keyGeneration.rsa.length`:: The amount of bits used for generating the RSA key pair. Currently, `2048`, `3072` and `4096` are supported. Defaults to `2048` bits.
+`certManager`:: Declares that the `certManager` backend is used.
+`certManager.issuer`:: The reference to the Cert-Manager issuer that should issue the certificates.
+`certManager.issuer.kind`:: The kind of the Cert-Manager issuer, either Issuer or ClusterIssuer. Note that Issuer must be in the same namespace as the Pod requesting the secret.
+`certManager.issuer.name`:: The name of the Issuer or ClusterIssuer to be used.
+`certManager.defaultCertificateLifetime`:: The default duration of the certificates. This may need to be increased for backends that impose stricter rate limits, such as https://letsencrypt.org/[Let's Encrypt].
+`certManager.keyGeneration`:: Configures how keys should be generated.
+`certManager.keyGeneration.rsa`:: Declares that keys should be generated using the RSA algorithm.
+`certManager.keyGeneration.rsa.length`:: The amount of bits used for generating the RSA key pair. Currently, `2048`, `3072` and `4096` are supported. Defaults to `2048` bits.
 
 [#backend-kerberoskeytab]
 === `kerberosKeytab`