openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

Removing namespace from etcd client cert docs

Browse Source
This commit is contained in:
Laura Hinson
2025-07-21 13:17:08 -04:00
committed by openshift-cherrypick-robot
parent 9f1afe4ea9
commit 527b620b60
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
security/certificate_types_descriptions/etcd-certificates.adoc
View File

@@ -27,7 +27,7 @@ These certificates are only managed by the system and are automatically rotated.
etcd certificates are used for encrypted communication between etcd member peers and encrypted client traffic. The following certificates are generated and used by etcd and other processes that communicate with etcd:
* Peer certificates: Used for communication between etcd members.
* Client certificates: Used for encrypted server-client communication. Client certificates are currently used by the API server only, and no other service should connect to etcd directly except for the proxy. Client secrets (`etcd-client`, `etcd-metric-client`, `etcd-metric-signer`, and `etcd-signer`) are added to the `openshift-config`, `openshift-etcd`, `openshift-monitoring`, and `openshift-kube-apiserver` namespaces.
* Client certificates: Used for encrypted server-client communication. Client certificates are currently used by the API server only, and no other service should connect to etcd directly except for the proxy. Client secrets (`etcd-client`, `etcd-metric-client`, `etcd-metric-signer`, and `etcd-signer`) are added to the `openshift-config`, `openshift-etcd`, and `openshift-kube-apiserver` namespaces.
* Server certificates: Used by the etcd server for authenticating client requests.
* Metric certificates: All metric consumers connect to proxy with metric-client certificates.