From 2ba6ca26c42372c412aa2fae0e26e27b5708f37f Mon Sep 17 00:00:00 2001
From: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Date: Wed, 9 Sep 2020 16:43:29 +0200
Subject: Modify external TLS support description

- Add information about keystores from CMPv2

Issue-ID: DCAEGEN2-2253
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I24d7347f18e364fa1cac142f9148088bbe0d4401
---
 docs/sections/tls_enablement.rst | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'docs/sections')

diff --git a/docs/sections/tls_enablement.rst b/docs/sections/tls_enablement.rst
index 3eb23007..0407d4e9 100644
--- a/docs/sections/tls_enablement.rst
+++ b/docs/sections/tls_enablement.rst
@@ -119,6 +119,8 @@ External TLS support was introduced in order to integrate DCAE with CertService
 
 This external TLS support doesn't influence ONAP internal traffic which is protected by certificates issued by AAF's CertMan. External TLS Support was introduced in k8splugin 3.1.0.
 
+From k8splugin 3.4.1 when external TLS is enabled (use_external_tls=true), keystore contains only certificate from CMPv2 server. Keystore issued by CertMan has appended .bak extension and is not used.
+
 1. Certificate setup:
 
    To create certificate artifacts, AAF CertService must obtain the certificate details. Common name and list of Subject Alternative Names (SANs) are set in blueprint as described in step 3.
-- 
cgit 1.2.3-korg