From 0c4633a23107adaf7b0dc24d7ca72a9610d9e563 Mon Sep 17 00:00:00 2001 From: FFMMM Date: Fri, 3 Dec 2021 10:44:36 -0800 Subject: [PATCH] update connect ca leaf endpoint docs (#11723) * update connect ca leaf endpoint docs Signed-off-by: FFMMM * pr feedback * Update website/content/api-docs/agent/connect.mdx Co-authored-by: Chris S. Kim Co-authored-by: Chris S. Kim --- website/content/api-docs/agent/connect.mdx | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/website/content/api-docs/agent/connect.mdx b/website/content/api-docs/agent/connect.mdx index 2e31ac1254..8b7da249dd 100644 --- a/website/content/api-docs/agent/connect.mdx +++ b/website/content/api-docs/agent/connect.mdx @@ -169,10 +169,14 @@ The agent generates a CSR locally and calls the is cached and returned by this API until it is near expiry or the root certificates change. -This API supports blocking queries. The blocking query will block until -a new certificate is necessary because the existing certificate will expire -or the root certificate is being rotated. This blocking behavior allows -clients to efficiently wait for certificate rotations. +Non blocking queries to this endpoint will always check that the leaf certificate is not expired +and that the root certificates have not changed. Otherwise, a new leaf certificate is generated. + +This API supports blocking queries. The blocking query will block until +a new certificate is necessary (because the existing certificate will expire, is expired, +or the root certificate is being rotated), or until the query timeout is reached. The current +query timeout is set to 10 minutes. This blocking behavior allows clients to +wait for certificate rotations. | Method | Path | Produces | | ------ | --------------------------------- | ------------------ |