summaryrefslogtreecommitdiffstats
path: root/docs/sections/tls_enablement.rst
diff options
context:
space:
mode:
Diffstat (limited to 'docs/sections/tls_enablement.rst')
-rw-r--r--docs/sections/tls_enablement.rst19
1 files changed, 9 insertions, 10 deletions
diff --git a/docs/sections/tls_enablement.rst b/docs/sections/tls_enablement.rst
index 92556b58..0f75bc88 100644
--- a/docs/sections/tls_enablement.rst
+++ b/docs/sections/tls_enablement.rst
@@ -14,8 +14,7 @@ Solution overview
2. Plugin and Blueprint:
Update blueprint to include new (optional) node property (tls_info) to the type definitions for the Kubernetes component types. The property is a dictionary with two elements: A boolean (use_tls) that indicates whether the com ponent uses TLS. A string (cert_directory) that indicates where the component expects to find certificate artifacts
- During deployment Kubernetes plugin (referenced in blueprint) will check if the tls_info property is set and use_tls is set to true, then the plugin will add
-some elements to the Kubernetes Deployment for the component:
+ During deployment Kubernetes plugin (referenced in blueprint) will check if the tls_info property is set and use_tls is set to true, then the plugin will add some elements to the Kubernetes Deployment for the component:
* A Kubernetes volume (tls-info) that will hold the certificate artifacts
* A Kubernetes initContainer (tls-init)
* A Kubernetes volumeMount for the initContainer that mounts the tlsinit volume at /opt/tls/shared.
@@ -25,11 +24,11 @@ some elements to the Kubernetes Deployment for the component:
3. Certificate Artifacts
The certificate directory m ounted on the container will include the following files:
- * cert.jks: A Java keystore containing the DCAE certificate.
- * jks.pass: A text file with a single line that contains the password for the cert.jks keystore.
- * trust.jks: A Jave truststore containing the AAF CA certificate (needed by clients)
- * trust.pass: A text file with a single line that contains the password for the trust.jks keystore.
- * cert.p12: The DCAE certificate and private key package in PKCS12 form at.
- * p12.pass: A text file with a single line that contains the password for cert.p12 file.
- * cert.pem: The DCAE certificate, in PEM form at.
- * key.pem: The private key for the DCAE certificate. The key is not encrypted.
+ - cert.jks: A Java keystore containing the DCAE certificate.
+ - jks.pass: A text file with a single line that contains the password for the cert.jks keystore.
+ - trust.jks: A Jave truststore containing the AAF CA certificate (needed by clients)
+ - trust.pass: A text file with a single line that contains the password for the trust.jks keystore.
+ - cert.p12: The DCAE certificate and private key package in PKCS12 form at.
+ - p12.pass: A text file with a single line that contains the password for cert.p12 file.
+ - cert.pem: The DCAE certificate, in PEM form at.
+ - key.pem: The private key for the DCAE certificate. The key is not encrypted.