Final edits to encryption doc.

Ryan Breen 2015-01-31 22:01:33 -05:00
parent b18b6491ff
commit 02c7ed0e94
1 changed files with 2 additions and 3 deletions

@ -71,9 +71,8 @@ present on all agents, set via the agent's `ca_file` option. All server nodes mu
appropriate key pair set using `cert_file` and `key_file`.
If `verify_incoming` is set, the servers verify the authenticity of all incoming
connections. Servers will also disallow any non-TLS connections. All clients must have
a valid key pair set using `cert_file` and `key_file`. To force clients to use TLS,
`verify_outgoing` must also be set.
connections. All clients must have a valid key pair set using `cert_file` and `key_file`. Servers will
also disallow any non-TLS connections. To force clients to use TLS, `verify_outgoing` must also be set.
TLS is used to secure the RPC calls between agents, but gossip between nodes is done over UDP
and is secured using a symmetric key. See above for enabling gossip encryption.
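
Review bot: In the added lines, "Servers will also disallow any non-TLS connections." now sits directly before "To force clients to use TLS, `verify_outgoing` must also be set.", and read together the two sentences look contradictory. If servers with `verify_incoming` already reject non-TLS connections, the paragraph does not say what `verify_outgoing` adds or on which nodes it has to be set. Suggest naming the side that sets `verify_outgoing` and what it enforces, so a reader does not assume `verify_incoming` alone covers both directions. Minor style point: the first added line runs well past the wrap width of the surrounding lines and should be rewrapped to match.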