website: correct a few last things in CA docs

This commit is contained in:
Kyle Havlovitz 2018-06-25 11:12:53 -07:00 committed by Jack Pearkes
parent 93cd52024d
commit c11e1b51e4
2 changed files with 3 additions and 2 deletions

View File

@ -17,7 +17,7 @@ such as when a service needs a new certificate or during CA rotation events.
The CA provider abstraction enables Consul to support multiple systems for
storing and signing certificates. Consul ships with a
[built-in CA](/docs/connect/ca/consul.html) which generates and stores the
root certificate and private key on the Consul servers. Consul also also
root certificate and private key on the Consul servers. Consul also has
built-in support for
[Vault as a CA](/docs/connect/ca/vault.html). With Vault, the root certificate
and private key material remain with the Vault cluster. A future version of

View File

@ -50,7 +50,8 @@ is used if configuring in an agent configuration file.
must be a valid
[SPIFFE SVID signing certificate](https://github.com/spiffe/spiffe/blob/master/standards/X509-SVID.md)
and the URI in the SAN must match the cluster identifier created at
bootstrap with the ".consul" TLD.
bootstrap with the ".consul" TLD. The cluster identifier can be found
using the [CA List Roots endpoint](/api/connect/ca.html#list-ca-root-certificates).
## Specifying a Custom Private Key and Root Certificate