summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPiotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>2020-12-10 16:04:25 +0100
committerPiotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>2020-12-10 16:04:25 +0100
commitac5aacce2f0fb6568b8e7f064f81efb50ae26fe9 (patch)
treec6d0a1989b75d61e8f78750eab54c43455c38e65
parent74ea0747fc5b72b20b7005721d3c26ef9e2d0a44 (diff)
Update external certs docs to support new SANs types
Issue-ID: DCAEGEN2-2508 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I4de0beab9e691cc9efe5e8eff39871e6699407fc
Diffstat
-rw-r--r--docs/sections/tls_enablement.rst2
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/sections/tls_enablement.rst b/docs/sections/tls_enablement.rst
index 4a049039..3d5a8cd5 100644
--- a/docs/sections/tls_enablement.rst
+++ b/docs/sections/tls_enablement.rst
@@ -176,7 +176,7 @@ From k8splugin 3.4.1 when external TLS is enabled (use_external_tls=true), keyst
* A string (``output_type``) that indicates certificate output type.
* A dictionary (``external_certificate_parameters``) with two elements:
* A string (``common_name``) that indicates common name which should be present in certificate. Specific for every blueprint (e.g. dcae-ves-collector for VES).
- * A string (``sans``) that indicates list of Subject Alternative Names (SANs) which should be present in certificate. Delimiter - , Should contain common_name value and other FQDNs under which given component is accessible.
+ * A string (``sans``) that indicates list of Subject Alternative Names (SANs) which should be present in certificate. Delimiter - , Should contain common_name value and other FQDNs under which given component is accessible. The following SANs types are supported: DNS names, IPs, URIs, emails.
As a final step of the plugin the generated CMPv2 truststore entries will be appended to AAF CA truststore (see certificate artifacts below).