From 0d26a5e5fc1568f60a25fe5d712bb2cae7d039f6 Mon Sep 17 00:00:00 2001 From: Tobias McNulty Date: Thu, 31 Mar 2022 15:10:29 -0400 Subject: [PATCH] Update tls.md with correct keys in `certConfig` (#1075) --- docs/tls.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/tls.md b/docs/tls.md index f836bd7c202..ddedbabdba5 100644 --- a/docs/tls.md +++ b/docs/tls.md @@ -8,11 +8,11 @@ This approach creates TLS certificates automatically using the Kubernetes cluste To enable automatic CSR generation on Tenant, set `requestAutoCert` field in the config file to `true`. Optionally you can also pass additional configuration parameters to be used under `certConfig` section. The `certConfig` section currently supports below fields: -- CommonName: By default this is set to a wild card domain name as per [Kubernetes StatefulSet Pod Identity](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-identity). Set it any other value as per your requirements. +- commonName: By default this is set to a wild card domain name as per [Kubernetes StatefulSet Pod Identity](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-identity). Set it any other value as per your requirements. -- Organization: By default set to `Acme Co`. Change it to the name of your organization. +- organizationName: By default set to list `["system:nodes"]`. Change it to a list with the name of your organization, e.g., `organizationName: [my-org]`. -- DNSNames: By default set to list of all pod DNS names that are part of current Tenant. Any value added under this section will be appended to the list of existing pod DNS names. +- dnsNames: By default set to list of all pod DNS names that are part of current Tenant. Any value added under this section will be appended to the list of existing pod DNS names. Once you enable `requestAutoCert` field and create the Tenant, MinIO Operator creates a CSR for this instance and sends to the Kubernetes API server. MinIO Operator will then approve the CSR. After the CSR is approved and Certificate available, MinIO operator downloads the certificate and then mounts the Private Key and Certificate within the Tenant pod.