From 527b620b60ffd9d4ded5b65d913078d6e3310f96 Mon Sep 17 00:00:00 2001 From: Laura Hinson Date: Mon, 21 Jul 2025 13:17:08 -0400 Subject: [PATCH] Removing namespace from etcd client cert docs --- security/certificate_types_descriptions/etcd-certificates.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/certificate_types_descriptions/etcd-certificates.adoc b/security/certificate_types_descriptions/etcd-certificates.adoc index 378eba0c07..c9c36f167a 100644 --- a/security/certificate_types_descriptions/etcd-certificates.adoc +++ b/security/certificate_types_descriptions/etcd-certificates.adoc @@ -27,7 +27,7 @@ These certificates are only managed by the system and are automatically rotated. etcd certificates are used for encrypted communication between etcd member peers and encrypted client traffic. The following certificates are generated and used by etcd and other processes that communicate with etcd: * Peer certificates: Used for communication between etcd members. -* Client certificates: Used for encrypted server-client communication. Client certificates are currently used by the API server only, and no other service should connect to etcd directly except for the proxy. Client secrets (`etcd-client`, `etcd-metric-client`, `etcd-metric-signer`, and `etcd-signer`) are added to the `openshift-config`, `openshift-etcd`, `openshift-monitoring`, and `openshift-kube-apiserver` namespaces. +* Client certificates: Used for encrypted server-client communication. Client certificates are currently used by the API server only, and no other service should connect to etcd directly except for the proxy. Client secrets (`etcd-client`, `etcd-metric-client`, `etcd-metric-signer`, and `etcd-signer`) are added to the `openshift-config`, `openshift-etcd`, and `openshift-kube-apiserver` namespaces. * Server certificates: Used by the etcd server for authenticating client requests. * Metric certificates: All metric consumers connect to proxy with metric-client certificates.