Remove section Install/Update the StarlingX Rest and Web Server Certificate (dsR10,dsR10minor,r10)

Remove deprecated content. Change-Id: I493bc5e059b88406e7fd4f67a285c032e9bf2244 Signed-off-by: Elisamara Aoki Gonçalves <elisamaraaoki.goncalves@windriver.com>
2025-08-18 17:01:17 +00:00
parent ab6eace956
commit f527add919
5 changed files with 1 additions and 87 deletions
--- a/doc/source/_vendor/rl-strings.txt
+++ b/doc/source/_vendor/rl-strings.txt
@@ -240,7 +240,6 @@
 .. |openstack-login-protection| replace:: :ref:`Login Protection <openstack-login-protection>`
 .. |index-security-84d0d8aa401b| replace:: :ref:`Security <index-security-84d0d8aa401b>`
 .. |pod-security-admission-controller-8e9e6994100f| replace:: :ref:`Pod Security Admission Controller <pod-security-admission-controller-8e9e6994100f>`
 .. |install-update-the-starlingx-rest-and-web-server-certificate| replace:: :ref:`Install/Update the StarlingX Rest and Web Server Certificate <install-update-the-starlingx-rest-and-web-server-certificate>`
 .. .. |pod-security-policies| replace:: :ref:`Pod Security Policies <pod-security-policies>`
 .. |remove-portieris| replace:: :ref:`Remove Portieris <remove-portieris>`
 .. |delete-ldap-linux-accounts-7de0782fbafd| replace:: :ref:`Delete LDAP Linux Accounts <delete-ldap-linux-accounts-7de0782fbafd>`
--- a/doc/source/security/kubernetes/index-security-kub-81153c1254c3.rst
+++ b/doc/source/security/kubernetes/index-security-kub-81153c1254c3.rst
@@ -388,7 +388,6 @@ Deprecated Functionality
   starlingx-rest-api-applications-and-the-web-administration-server-deprecated
   enable-https-access-for-starlingx-rest-and-web-server-endpoints
   install-update-the-starlingx-rest-and-web-server-certificate
 ***************************************
--- a/doc/source/security/kubernetes/install-update-the-starlingx-rest-and-web-server-certificate.rst
+++ b/doc/source/security/kubernetes/install-update-the-starlingx-rest-and-web-server-certificate.rst
@@ -1,78 +0,0 @@
 .. law1570030645265
 .. _install-update-the-starlingx-rest-and-web-server-certificate:
 ============================================================
 Install/Update the StarlingX Rest and Web Server Certificate
 ============================================================
 Use the following procedure to install or update the certificate for the |prod|
 REST API application endpoints (Keystone, Barbican and |prod|) and the
 |prod| web administration server.
 .. rubric:: |prereq|
 Obtain an intermediate or Root |CA|-signed server certificate and key from a
 trusted Intermediate or Root |CA|. Refer to the documentation for the external
 Intermediate or Root |CA| that you are using, on how to create public
 certificate and private key pairs, signed by intermediate or a Root |CA|, for
 HTTPS.
 For lab purposes, see :ref:`Create Certificates Locally using openssl
 <create-certificates-locally-using-openssl>` for how to create a test
 Intermediate or Root |CA| certificate and key, and use it to sign test
 server certificates.
 Put the |PEM| encoded versions of the server certificate and key in a single
 file, and copy the file to the controller host.
 .. note::
    If you plan to use the container-based remote CLIs, due to a limitation in
    the Python2 SSL certificate validation, the certificate used for the |prod|
    REST API application endpoints and |prod| Web Administration Server ('ssl')
    certificate must either have:
    #.  CN=IPADDRESS and SANs=IPADDRESS
        or
    #.  CN=FQDN and SANs=FQDN
        where IPADDRESS and FQDN are for the OAM Floating IP Address.
 .. rubric:: |proc|
 -   Install/update the copied certificate.
    For example:
    .. code-block:: none
        ~(keystone_admin)]$ system certificate-install -m ssl <pathTocertificateAndKey>
    where:
    **<pathTocertificateAndKey>**
    is the path to the file containing both the intermediate or Root
    |CA|-signed server certificate and private key to install.
 .. warning::
    The REST and Web Server certificate are not automatically renewed, user
    MUST renew the certificate prior to expiry, otherwise a variety of system
    operations will fail.
 .. note::
    Ensure the certificates have RSA key length >= 2048 bits. The
    |prod-long| Release |this-ver| provides a new version of ``openssl`` which
    requires a minimum of 2048-bit keys for RSA for better security / encryption
    strength.
    You can check the key length by running ``openssl x509 -in <the certificate file> -noout -text``
    and looking for the "Public-Key" in the output. For more information see
    :ref:`Create Certificates Locally using openssl <create-certificates-locally-using-openssl>`.
--- a/doc/source/security/kubernetes/one-single-root-ca-multiple-server-client-certificates-0692df6ce16d.unused
+++ b/doc/source/security/kubernetes/one-single-root-ca-multiple-server-client-certificates-0692df6ce16d.unused
@@ -38,10 +38,6 @@ trusted |CA| list.
    <create-certificates-locally-using-openssl>` on how to generate server
    certificates from the Root |CA| certificate.
    Pay attention to the notes about the certificate’s |SAN| on section
    :ref:`Install/Update the StarlingX Rest and Web Server Certificate
    <install-update-the-starlingx-rest-and-web-server-certificate>`.
    Optionally, set the subject fields uniquely for systemController and each of
    the subclouds.
--- a/doc/source/security/kubernetes/starlingx-rest-api-applications-and-the-web-administration-server-deprecated.rst
+++ b/doc/source/security/kubernetes/starlingx-rest-api-applications-and-the-web-administration-server-deprecated.rst
@@ -44,6 +44,4 @@ hosts.
 For more details, refer to:
-   :ref:`enable-https-access-for-starlingx-rest-and-web-server-endpoints`
+:ref:`enable-https-access-for-starlingx-rest-and-web-server-endpoints`
 -   :ref:`install-update-the-starlingx-rest-and-web-server-certificate`