This commit is contained in:
Hans Hasselberg 2019-03-01 15:51:37 +01:00 committed by kaitlincarter-hc
parent 4833c5dee5
commit e64c5c5899

@ -88,8 +88,8 @@ $ consul tls cert create -server
and all ACL tokens. Do not distribute them to production hosts and all ACL tokens. Do not distribute them to production hosts
that are not server nodes. Store them as securely as CA keys. that are not server nodes. Store them as securely as CA keys.
==> Using consul-agent-ca.pem and consul-agent-ca-key.pem ==> Using consul-agent-ca.pem and consul-agent-ca-key.pem
==> Saved consul-server-dc1-0.pem ==> Saved dc1-server-consul-0.pem
==> Saved consul-server-dc1-0-key.pem ==> Saved dc1-server-consul-0-key.pem
``` ```
Please repeat this process until there is an *individual* certificate for each Please repeat this process until there is an *individual* certificate for each
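Review bot: the trailing `-0` in the renamed `dc1-server-consul-0.pem` and `dc1-server-consul-0-key.pem` output lines is never explained, yet the sentence right after the fence tells the reader to repeat the command once per server; add a short clause saying that the trailing number is the per-run sequence index, so readers know which file pair belongs to which run and do not mix up or overwrite the first server's key pair.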
@ -116,8 +116,8 @@ Create a client certificate:
```shell ```shell
$ consul tls cert create -client $ consul tls cert create -client
==> Using consul-agent-ca.pem and consul-agent-ca-key.pem ==> Using consul-agent-ca.pem and consul-agent-ca-key.pem
==> Saved consul-client-dc1-0.pem ==> Saved dc1-client-consul-0.pem
==> Saved consul-client-dc1-0-key.pem ==> Saved dc1-client-consul-0-key.pem
``` ```
Client certificates are also signed by your CA, but they do not have that Client certificates are also signed by your CA, but they do not have that
@ -155,8 +155,8 @@ certificates.
The following files need to be copied to your Consul server: The following files need to be copied to your Consul server:
* `consul-agent-ca.pem`: CA public certificate. * `consul-agent-ca.pem`: CA public certificate.
* `consul-server-dc1-0.pem`: Consul server node public certificate for the `dc1` datacenter. * `dc1-server-consul-0.pem`: Consul server node public certificate for the `dc1` datacenter.
* `consul-server-dc1-0-key.pem`: Consul server node private key for the `dc1` datacenter. * `dc1-server-consul-0-key.pem`: Consul server node private key for the `dc1` datacenter.
Here is an example agent TLS configuration for Consul servers which mentions the Here is an example agent TLS configuration for Consul servers which mentions the
copied files: copied files:
@ -167,8 +167,8 @@ copied files:
"verify_outgoing": true, "verify_outgoing": true,
"verify_server_hostname": true, "verify_server_hostname": true,
"ca_file": "consul-agent-ca.pem", "ca_file": "consul-agent-ca.pem",
"cert_file": "consul-server-dc1-0.pem", "cert_file": "dc1-server-consul-0.pem",
"key_file": "consul-server-dc1-0-key.pem", "key_file": "dc1-server-consul-0-key.pem",
"ports": { "ports": {
"http": -1, "http": -1,
"https": 8501 "https": 8501
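Review bot: `ca_file`, `cert_file` and `key_file` are bare relative filenames (`consul-agent-ca.pem`, `dc1-server-consul-0.pem`, `dc1-server-consul-0-key.pem`); either use absolute paths in the example or state which directory they are relative to, otherwise an agent started from a different working directory will not find them and the TLS setup fails at startup. Keeping `"http": -1` next to `"https": 8501` is the right thing to show, since it disables the plaintext API port rather than leaving both open.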
@ -189,8 +189,8 @@ After a Consul agent restart, your servers should be only talking TLS.
Now copy the following files to your Consul clients: Now copy the following files to your Consul clients:
* `consul-agent-ca.pem`: CA public certificate. * `consul-agent-ca.pem`: CA public certificate.
* `consul-client-dc1-0.pem`: Consul client node public certificate. * `dc1-client-consul-0.pem`: Consul client node public certificate.
* `consul-client-dc1-0-key.pem`: Consul client node private key. * `dc1-client-consul-0-key.pem`: Consul client node private key.
Here is an example agent TLS configuration for Consul agents which mentions the Here is an example agent TLS configuration for Consul agents which mentions the
copied files: copied files:
@ -201,8 +201,8 @@ copied files:
"verify_outgoing": true, "verify_outgoing": true,
"verify_server_hostname": true, "verify_server_hostname": true,
"ca_file": "consul-agent-ca.pem", "ca_file": "consul-agent-ca.pem",
"cert_file": "consul-client-dc1-0.pem", "cert_file": "dc1-client-consul-0.pem",
"key_file": "consul-client-dc1-0-key.pem", "key_file": "dc1-client-consul-0-key.pem",
"ports": { "ports": {
"http": -1, "http": -1,
"https": 8501 "https": 8501
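Review bot: the same relative-path concern as in the server configuration applies to `dc1-client-consul-0.pem` and `dc1-client-consul-0-key.pem` here; the rename does not change `verify_server_hostname`, but it is worth a sentence in the surrounding text that this client-side setting is what makes a client reject a peer presenting a non-server certificate, so readers do not drop it when trimming the example.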
@ -227,8 +227,8 @@ and the UI:
```shell ```shell
$ consul tls cert create -cli $ consul tls cert create -cli
==> Using consul-agent-ca.pem and consul-agent-ca-key.pem ==> Using consul-agent-ca.pem and consul-agent-ca-key.pem
==> Saved consul-cli-dc1-0.pem ==> Saved dc1-cli-consul-0.pem
==> Saved consul-cli-dc1-0-key.pem ==> Saved dc1-cli-consul-0-key.pem
``` ```
If you are trying to get members of you cluster, the CLI will return an error: If you are trying to get members of you cluster, the CLI will return an error:
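Review bot: the unchanged context line "get members of you cluster" has a typo ("your cluster"); since this hunk already touches the surrounding block, fix it in the same change rather than leaving it for a follow-up.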
@ -247,8 +247,8 @@ Error retrieving members:
But it will work again if you provide the certificates you provided: But it will work again if you provide the certificates you provided:
```shell ```shell
$ consul members -ca-file=consul-agent-ca.pem -client-cert=consul-cli-dc1-0.pem \ $ consul members -ca-file=consul-agent-ca.pem -client-cert=dc1-cli-consul-0.pem \
-client-key=consul-cli-dc1-0-key.pem -http-addr="https://localhost:8501" -client-key=dc1-cli-consul-0-key.pem -http-addr="https://localhost:8501"
Node Address Status Type Build Protocol DC Segment Node Address Status Type Build Protocol DC Segment
... ...
``` ```
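Review bot: the context line "if you provide the certificates you provided" is circular; suggest "the certificates you just created" (or "generated in the previous step"). The command itself is consistent: `-client-cert=dc1-cli-consul-0.pem` is paired with the matching `-client-key=dc1-cli-consul-0-key.pem`, and `-http-addr="https://localhost:8501"` matches the `https` port shown in the agent configuration hunks.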
@ -260,8 +260,8 @@ environment variables in your shell:
```shell ```shell
$ export CONSUL_HTTP_ADDR=https://localhost:8501 $ export CONSUL_HTTP_ADDR=https://localhost:8501
$ export CONSUL_CACERT=consul-agent-ca.pem $ export CONSUL_CACERT=consul-agent-ca.pem
$ export CONSUL_CLIENT_CERT=consul-cli-dc1-0.pem $ export CONSUL_CLIENT_CERT=dc1-cli-consul-0.pem
$ export CONSUL_CLIENT_KEY=consul-cli-dc1-0-key.pem $ export CONSUL_CLIENT_KEY=dc1-cli-consul-0-key.pem
``` ```
* `CONSUL_HTTP_ADDR` is the URL of the Consul agent and sets the default for * `CONSUL_HTTP_ADDR` is the URL of the Consul agent and sets the default for