docs: fix filenames (#7453)

This commit is contained in:
Hans Hasselberg 2020-03-17 21:00:45 +01:00 committed by GitHub
parent 9e8eb7896f
commit 672db9bef6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 20 additions and 20 deletions

View File

@ -228,10 +228,10 @@ Usage: consul tls cert create [options]
and all ACL tokens. Do not distribute them to production hosts
that are not server nodes. Store them as securely as CA keys.
==> Using consul-agent-ca.pem and consul-agent-ca-key.pem
==> Saved consul-server-dc1-0.pem
==> Saved consul-server-dc1-0-key.pem
==> Saved dc1-server-consul-0.pem
==> Saved dc1-server-consul-0-key.pem
$ consul tls cert -client
==> Using consul-agent-ca.pem and consul-agent-ca-key.pem
==> Saved consul-client-dc1-0.pem
==> Saved consul-client-dc1-0-key.pem
==> Saved dc1-client-consul-0.pem
==> Saved dc1-client-consul-0-key.pem
`

View File

@ -35,14 +35,14 @@ Usage: consul tls cert <subcommand> [options] [filename-prefix]
Create a certificate
$ consul tls cert create -server
==> saved consul-server-dc1.pem
==> saved consul-server-dc1-key.pem
==> saved dc1-server-consul.pem
==> saved dc1-server-consul-key.pem
Create a certificate with your own CA:
$ consul tls cert create -server -ca-file my-ca.pem -ca-key-file my-ca-key.pem
==> saved consul-server-dc1.pem
==> saved consul-server-dc1-key.pem
==> saved dc1-server-consul.pem
==> saved dc1-server-consul-key.pem
For more examples, ask for subcommand help or view the documentation.
`

View File

@ -25,8 +25,8 @@ Create a client certificate:
```text
$ consul tls cert create -client
==> Using consul-agent-ca.pem and consul-agent-ca-key.pem
==> Saved consul-client-dc1-0.pem
==> Saved consul-client-dc1-0-key.pem
==> Saved dc1-client-consul-0.pem
==> Saved dc1-client-consul-0-key.pem
```
For more examples, ask for subcommand help or view the subcommand documentation

View File

@ -22,8 +22,8 @@ $ consul tls cert create -server
and all ACL tokens. Do not distribute them to production hosts
that are not server nodes. Store them as securely as CA keys.
==> Using consul-ca.pem and consul-ca-key.pem
==> Saved consul-server-dc1-0.pem
==> Saved consul-server-dc1-0-key.pem
==> Saved dc1-server-consul-0.pem
==> Saved dc1-server-consul-0-key.pem
```
Create a certificate for clients:
@ -67,4 +67,4 @@ Usage: `consul tls cert create [filename-prefix] [options]`
- `-key=<string>` - Provide path to the key
- `-server` - Generate server certificate
- `-server` - Generate server certificate

View File

@ -144,12 +144,12 @@ After TLS has been configured on all the agents, you can start the agents and RP
"verify_outgoing": true,
"verify_server_hostname": true,
"ca_file": "consul-agent-ca.pem",
"cert_file": "consul-server-dc1-0.pem",
"key_file": "consul-server-dc1-0-key.pem"
"cert_file": "dc1-server-consul-0.pem",
"key_file": "dc1-server-consul-0-key.pem"
}
```
Note, for clients, the default `cert_file` and `key_file` will be named according to their cluster for. For example, `consul-client-dc1-0.pem`.
Note, for clients, the default `cert_file` and `key_file` will be named according to their cluster for. For example, `dc1-client-consul-0.pem`.
The `verify_outgoing` parameter enables agents to verify the authenticity of Consul servers for outgoing connections. The `verify_server_hostname` parameter requires outgoing connections to perform hostname verification and is critically important to prevent compromised client agents from becoming servers and revealing all state to the attacker. Finally, the `verify_incoming` parameter enables the servers to verify the authenticity of all incoming connections.
@ -169,8 +169,8 @@ Enabling TLS on an existing cluster is supported. This process assumes a startin
"verify_incoming": false,
"verify_outgoing": false,
"ca_file": "consul-agent-ca.pem",
"cert_file": "consul-server-dc1-0.pem",
"key_file": "consul-server-dc1-0-key.pem"
"cert_file": "dc1-server-consul-0.pem",
"key_file": "dc1-server-consul-0-key.pem"
}
```
@ -192,8 +192,8 @@ Next, perform a rolling restart of each agent in the cluster. After this step, T
"verify_outgoing": true,
"verify_server_hostname": true,
"ca_file": "consul-agent-ca.pem",
"cert_file": "consul-server-dc1-0.pem",
"key_file": "consul-server-dc1-0-key.pem"
"cert_file": "dc1-server-consul-0.pem",
"key_file": "dc1-server-consul-0-key.pem"
}
```