clarify language around CSRs

three changes:

CSRs don't have expiry dates

"-nodes" just means "no encryption" it's not really specific to DES

the cert comes from the controller not the CSR
This commit is contained in:
Carl
2019-06-11 11:30:39 -07:00
committed by Jerome Petazzoni
parent d71a636a9d
commit ef6a5f05f8

View File

@@ -62,7 +62,7 @@ This is what I do if I want to obtain a certificate.
2. Create a Certificate Signing Request (CSR).
(The CSR contains the identity that I claim and an expiration date.)
(The CSR contains the identity that I claim and a public key.)
3. Send that CSR to the Certificate Authority (CA).
@@ -345,7 +345,7 @@ The command above generates:
kctx -
```
- Retrieve the certificate from the CSR:
- Retrieve the certificate from the controller:
```bash
kubectl get csr users:jean.doe \
-o jsonpath={.status.certificate} \