diff options
Diffstat (limited to 'docs/sections/tls_enablement.rst')
-rw-r--r-- | docs/sections/tls_enablement.rst | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/docs/sections/tls_enablement.rst b/docs/sections/tls_enablement.rst index 92556b58..0f75bc88 100644 --- a/docs/sections/tls_enablement.rst +++ b/docs/sections/tls_enablement.rst @@ -14,8 +14,7 @@ Solution overview 2. Plugin and Blueprint: Update blueprint to include new (optional) node property (tls_info) to the type definitions for the Kubernetes component types. The property is a dictionary with two elements: A boolean (use_tls) that indicates whether the com ponent uses TLS. A string (cert_directory) that indicates where the component expects to find certificate artifacts - During deployment Kubernetes plugin (referenced in blueprint) will check if the tls_info property is set and use_tls is set to true, then the plugin will add -some elements to the Kubernetes Deployment for the component: + During deployment Kubernetes plugin (referenced in blueprint) will check if the tls_info property is set and use_tls is set to true, then the plugin will add some elements to the Kubernetes Deployment for the component: * A Kubernetes volume (tls-info) that will hold the certificate artifacts * A Kubernetes initContainer (tls-init) * A Kubernetes volumeMount for the initContainer that mounts the tlsinit volume at /opt/tls/shared. @@ -25,11 +24,11 @@ some elements to the Kubernetes Deployment for the component: 3. Certificate Artifacts The certificate directory m ounted on the container will include the following files: - * cert.jks: A Java keystore containing the DCAE certificate. - * jks.pass: A text file with a single line that contains the password for the cert.jks keystore. - * trust.jks: A Jave truststore containing the AAF CA certificate (needed by clients) - * trust.pass: A text file with a single line that contains the password for the trust.jks keystore. - * cert.p12: The DCAE certificate and private key package in PKCS12 form at. - * p12.pass: A text file with a single line that contains the password for cert.p12 file. - * cert.pem: The DCAE certificate, in PEM form at. - * key.pem: The private key for the DCAE certificate. The key is not encrypted. + - cert.jks: A Java keystore containing the DCAE certificate. + - jks.pass: A text file with a single line that contains the password for the cert.jks keystore. + - trust.jks: A Jave truststore containing the AAF CA certificate (needed by clients) + - trust.pass: A text file with a single line that contains the password for the trust.jks keystore. + - cert.p12: The DCAE certificate and private key package in PKCS12 form at. + - p12.pass: A text file with a single line that contains the password for cert.p12 file. + - cert.pem: The DCAE certificate, in PEM form at. + - key.pem: The private key for the DCAE certificate. The key is not encrypted. |