-
Story
-
Resolution: Unresolved
-
Undefined
-
None
-
None
-
False
-
-
False
-
-
The documentation to use custom certificates to link sites needs to be available on skupper.io. It would be good to show it when searching using search engines.
The documentation at https://github.com/skupperproject/skupper-docs/blob/41176d9b226dc1adcad7b3057cc97afb617e8156/modules/kubernetes/pages/index.adoc is great documentation. It would be good to see a picture of which link is using the certs.
The section talking about creating cert is good to follow without knowing what you are really doing (for people like me who don't understand certs). But, it would be good to see the section talk about how to ask your certificate/security department for certs, what types, how many (this document it seems talks about CA cert in ca directory and site cert in certificate directory), etc. I have never been able to explain to the person giving me a cert what I actually need from them.
Is skupper-console-certs created only if using certain parameters in skupper init? If yes, then it would be good to have a note somewhere.
These sets of commands have an extra $ kubectl patch secret skupper-claims-server -p="{\"data\":{\"ca.crt\": \"$($ kubectl get secret skupper-site-ca -o json -o=jsonpath="
{.data.tls\.crt}")\"}}"
The documentation on https://github.com/skupperproject/skupper-docs/blob/41176d9b226dc1adcad7b3057cc97afb617e8156/modules/kubernetes/pages/service-certs.adoc which talks about using certs between pods and skupper. This documentation would also make more sense if there was a diagram. There isn't much documentation out there talking about encrypting traffic between pod and skupper. So its very confusing why this is needed.
- is related to
-
SKUPPER-2111 Missing documentation regarding custom certificates
- Backlog