From ec8a7167b389078b993e7b5d61ce2b4aa71dddea Mon Sep 17 00:00:00 2001 From: dfitzmau Date: Fri, 13 Dec 2024 11:29:06 +0000 Subject: [PATCH] OCPBUGS-46020: Fixed link in Location section of Proxy cert doc --- modules/security-hardening-what.adoc | 15 +++++---------- .../proxy-certificates.adoc | 4 +--- 2 files changed, 6 insertions(+), 13 deletions(-) diff --git a/modules/security-hardening-what.adoc b/modules/security-hardening-what.adoc index dea89e45bf..a330901f70 100644 --- a/modules/security-hardening-what.adoc +++ b/modules/security-hardening-what.adoc @@ -6,18 +6,13 @@ = Choosing what to harden in {op-system} ifdef::openshift-origin[] -The link:https://docs.fedoraproject.org/en-US/Fedora/19/html/Security_Guide/chap-Security_Guide-Basic_Hardening.html[{op-system-base} Security Hardening] guide describes how you should approach security for any -{op-system-base} system. +The link:https://docs.fedoraproject.org/en-US/Fedora/19/html/Security_Guide/chap-Security_Guide-Basic_Hardening.html[{op-system-base} Security Hardening] guide describes how you should approach security for any {op-system-base} system. endif::[] ifdef::openshift-enterprise,openshift-webscale,openshift-aro[] -The link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/security_hardening/index#scanning-container-and-container-images-for-vulnerabilities_scanning-the-system-for-security-compliance-and-vulnerabilities[{op-system-base} 8 Security Hardening] guide describes how you should approach security for any -{op-system-base} system. +The link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/security_hardening/index#scanning-container-and-container-images-for-vulnerabilities_scanning-the-system-for-security-compliance-and-vulnerabilities[{op-system-base} 9 Security Hardening] guide describes how you should approach security for any {op-system-base} system. endif::[] -Use this guide to learn how to approach cryptography, evaluate -vulnerabilities, and assess threats to various services. -Likewise, you can learn how to scan for compliance standards, check file -integrity, perform auditing, and encrypt storage devices. +Use this guide to learn how to approach cryptography, evaluate vulnerabilities, and assess threats to various services. +Likewise, you can learn how to scan for compliance standards, check file integrity, perform auditing, and encrypt storage devices. -With the knowledge of what features you want to harden, you can then -decide how to harden them in {op-system}. +With the knowledge of what features you want to harden, you can then decide how to harden them in {op-system}. diff --git a/security/certificate_types_descriptions/proxy-certificates.adoc b/security/certificate_types_descriptions/proxy-certificates.adoc index 6477eddd9d..50622d1076 100644 --- a/security/certificate_types_descriptions/proxy-certificates.adoc +++ b/security/certificate_types_descriptions/proxy-certificates.adoc @@ -64,9 +64,7 @@ The user-provided trust bundle is represented as a config map. The config map is Complete proxy support means connecting to the specified proxy and trusting any signatures it has generated. Therefore, it is necessary to let the user specify a trusted root, such that any certificate chain connected to that trusted root is also trusted. -If using the RHCOS trust bundle, place CA certificates in `/etc/pki/ca-trust/source/anchors`. - -See link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/using-shared-system-certificates_security-hardening[Using shared system certificates] in the Red Hat Enterprise Linux documentation for more information. +If you use the {op-system} trust bundle, place CA certificates in `/etc/pki/ca-trust/source/anchors`. For more information, see link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/securing_networks/using-shared-system-certificates_securing-networks[Using shared system certificates] in the {op-system-base-full} _Securing networks_ document. == Expiration