From a1f82d7f99d1f4c7aef56d5cec82fd6576fe1c92 Mon Sep 17 00:00:00 2001 From: Elisamara Aoki Goncalves Date: Tue, 6 Sep 2022 10:49:46 -0300 Subject: [PATCH] Required SAN parameter for local registry (r6,r7,dsR6,dsR7) Added note to clarify floating IPs. Added MGMT floating IP. Fixed command. Signed-off-by: Elisamara Aoki Goncalves Change-Id: Idc27a997b9c451efe3fb19953eee4670fb6a11b5 --- ...-registry-certificate-after-installation-c519edbfe90a.rst | 5 +++++ .../kubernetes/create-certificates-locally-using-openssl.rst | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/doc/source/security/kubernetes/configure-docker-registry-certificate-after-installation-c519edbfe90a.rst b/doc/source/security/kubernetes/configure-docker-registry-certificate-after-installation-c519edbfe90a.rst index 26ddcf3b5..c5cbb0c87 100644 --- a/doc/source/security/kubernetes/configure-docker-registry-certificate-after-installation-c519edbfe90a.rst +++ b/doc/source/security/kubernetes/configure-docker-registry-certificate-after-installation-c519edbfe90a.rst @@ -73,6 +73,11 @@ Update the following fields: - registry.central - + .. note:: + + By default after deployment, all system configurations have both OAM and + MGMT floating IPs in the docker registry certificate. + #. Apply the configuration. diff --git a/doc/source/security/kubernetes/create-certificates-locally-using-openssl.rst b/doc/source/security/kubernetes/create-certificates-locally-using-openssl.rst index 58e971b27..fe25c20d7 100644 --- a/doc/source/security/kubernetes/create-certificates-locally-using-openssl.rst +++ b/doc/source/security/kubernetes/create-certificates-locally-using-openssl.rst @@ -49,7 +49,7 @@ use in a lab environment. .. code-block:: none - $ echo subjectAltName = IP:,DNS:registry.local,DNS:registry.central > extfile.cnf + $ echo subjectAltName = IP:,IP:,DNS:registry.local,DNS:registry.central > extfile.cnf #. Use the my-root-ca to sign the server certificate.