From 9dc2b1122ddf37f919b7bd842b68bc6d7b7a0489 Mon Sep 17 00:00:00 2001 From: Humble Chirammal Date: Wed, 21 Apr 2021 14:29:15 +0530 Subject: [PATCH] doc: correct the keys in certificate secrets At present the cert keys are not unique which is not correct. The keys in the secret should be unique and this patch address the same. Signed-off-by: Humble Chirammal --- docs/design/proposals/encryption-with-vault-tokens.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/docs/design/proposals/encryption-with-vault-tokens.md b/docs/design/proposals/encryption-with-vault-tokens.md index c8729a1e2..9fe832e03 100644 --- a/docs/design/proposals/encryption-with-vault-tokens.md +++ b/docs/design/proposals/encryption-with-vault-tokens.md @@ -233,20 +233,19 @@ stringData: KNSC2DVVXcCgkqcCgAwIBAgIwewrvx... ``` -Its also possible that a user can create a single secret for the certificates -and update the configuration to fetch certificates from a secret. +It is also possible for a user to create a single Secret that contains both +the client authentication and update the configuration to fetch the certificate +and key from the Secret. ```yaml --- apiVersion: v1 kind: secret metadata: - name: vault-certificates + name: vault-client-auth stringData: cert: | MIIC2DCCAcCgAwIBAgIBATANBgkqh... - cert: | - BATANBgkqcCgAwIBAgIBATANBAwI... key: | KNSC2DVVXcCgkqcCgAwIBAgIwewrvx... ```