Fix documentation1.0.1

Issue-ID: AAF-1091
Signed-off-by: Aleksandra Maciaga <aleksandra.maciaga@nokia.com>
Change-Id: I057f20fa82057affae18dbaae5c0f4d0b979bde5

1 files changed, 8 insertions, 5 deletions

diff --git a/docs/sections/architecture.rst b/docs/sections/architecture.rst
index 1a5b3687..9166aa39 100644
--- a/docs/sections/architecture.rst
+++ b/docs/sections/architecture.rst
@@ -14,6 +14,14 @@ Interaction between components
    :height: 223px
    :alt: Interaction between components
 
+The micro-service called CertService is designed for requesting certificates signed by external Certificate Authority (CA) using CMP over HTTP protocol. It uses CMPv2 client to send and receive CMPv2 messages.
+
+CertService's client is also provided so other ONAP components (aka end components) can easily get certificate from CertService. End component is an ONAP component (e.g. DCAE collector or controller) which requires certificate from CMPv2 server to protect external traffic and uses CertService's client to get it.
+
+CertService's client communicates with CertService via REST API over HTTPS, while CertService with CMPv2 server via CMP over HTTP.
+
+To proof that CertService works Open Source CMPv2 server (EJBCA) is deployed and used in E2E tests.
+
 
 Simplified certificate enrollment flow
 --------------------------------------
@@ -22,8 +30,3 @@ Simplified certificate enrollment flow
    :width: 1191px
    :height: 893px
    :alt: Simplified certificate enrollment flow
-
-Security considerations
------------------------
-
-CertService's REST API is protected by mutual HTTPS, meaning server requests client's certificate and **authenticate** only requests with trusted certificate. After ONAP default installation only certificate from CertService's client is trusted. **Authorization** isn't supported in Frankfurt release.
\ No newline at end of file