Updates HTTPS Listener to Use Hostname Issue 601

Signed-off-by: danehans <daneyonhansen@gmail.com>

docs/user/secure-gateways.md

@@ -25,17 +25,17 @@ Create a root certificate and private key to sign certificates:
 openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -subj '/O=example Inc./CN=example.com' -keyout example.com.key -out example.com.crt
 ```
 
-Create a certificate and a private key for `www.example.com`:
+Create a certificate and a private key for `secure.example.com`:
 
 ```shell
-openssl req -out www.example.com.csr -newkey rsa:2048 -nodes -keyout www.example.com.key -subj "/CN=www.example.com/O=httpbin organization"
-openssl x509 -req -days 365 -CA example.com.crt -CAkey example.com.key -set_serial 0 -in www.example.com.csr -out www.example.com.crt
+openssl req -out secure.example.com.csr -newkey rsa:2048 -nodes -keyout secure.example.com.key -subj "/CN=secure.example.com/O=example organization"
+openssl x509 -req -days 365 -CA example.com.crt -CAkey example.com.key -set_serial 0 -in secure.example.com.csr -out secure.example.com.crt
 ```
 
 Store the cert/key in a Secret:
 
 ```shell
-kubectl create secret tls example-cert --key=www.example.com.key --cert=www.example.com.crt
+kubectl create secret tls example-cert --key=secure.example.com.key --cert=secure.example.com.crt
 ```
 
 Update the Gateway from the Quickstart guide to include an HTTPS listener that listens on port `8443` and references the
@@ -49,6 +49,7 @@ kubectl patch gateway eg --type=json --patch '[{
       "name": "https",
       "protocol": "HTTPS",
       "port": 8443,
+      "hostname": "secure.example.com",
       "tls": {
         "mode": "Terminate",
         "certificateRefs": [{
@@ -80,8 +81,8 @@ kubectl -n envoy-gateway-system port-forward service/${ENVOY_SERVICE} 8043:8443
 Query the example app through Envoy proxy:
 
 ```shell
-curl -v -HHost:www.example.com --resolve "www.example.com:8043:127.0.0.1" \
---cacert example.com.crt https://www.example.com:8043/get
+curl -v -HHost:secure.example.com --resolve "secure.example.com:8043:127.0.0.1" \
+--cacert example.com.crt https://secure.example.com:8043/get
 ```
 
 ### Clusters with External LoadBalancer Support
@@ -95,8 +96,8 @@ export GATEWAY_HOST=$(kubectl get gateway/eg -o jsonpath='{.status.addresses[0].
 Query the example app through the Gateway:
 
 ```shell
-curl -v -HHost:www.example.com --resolve "www.example.com:8443:${GATEWAY_HOST}" \
---cacert example.com.crt https://www.example.com:8443/get
+curl -v -HHost:secure.example.com --resolve "secure.example.com:8443:${GATEWAY_HOST}" \
+--cacert example.com.crt https://secure.example.com:8443/get
 ```
 
 ## Multiple HTTPS Listeners
@@ -139,7 +140,7 @@ spec:
 Store the previously created cert/key in Secret `example-cert-2`:
 
 ```shell
-kubectl create secret tls example-cert-2 --key=www.example.com.key --cert=www.example.com.crt
+kubectl create secret tls example-cert-2 --key=secure.example.com.key --cert=secure.example.com.crt
 ```
 
 Follow the steps in the [Testing section](#testing) to test connectivity to the backend app through both Gateway
@@ -180,7 +181,7 @@ kubectl delete secret/example-cert
 Recreate the example Secret in the `envoy-gateway-system` namespace:
 
 ```shell
-kubectl create secret tls example-cert -n envoy-gateway-system --key=www.example.com.key --cert=www.example.com.crt
+kubectl create secret tls example-cert -n envoy-gateway-system --key=secure.example.com.key --cert=secure.example.com.crt
 ```
 
 Update the Gateway HTTPS listener with `namespace: envoy-gateway-system`, for example:
@@ -228,6 +229,5 @@ kubectl delete secret/example-cert-2
 Checkout the [Developer Guide](../../DEVELOPER.md) to get involved in the project.
 
 [kind]: https://kind.sigs.k8s.io/
-[httpbin_methods]: https://httpbin.org/#/HTTP_Methods
 [Issue 520]: https://github.com/envoyproxy/gateway/issues/520
 [ReferenceGrant]: https://gateway-api.sigs.k8s.io/api-types/referencegrant/