Skip to content

Commit

Permalink
TLS reference guide IDs' unification
Browse files Browse the repository at this point in the history
Signed-off-by: Michal Maléř <mmaler@redhat.com>
  • Loading branch information
MichalMaler committed Sep 16, 2024
1 parent afef05e commit fa370b3
Showing 1 changed file with 5 additions and 6 deletions.
11 changes: 5 additions & 6 deletions docs/src/main/asciidoc/tls-registry-reference.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ The TLS Registry extension is automatically included in your project when you us
As a result, applications that use the TLS Registry can be ready to handle secure communications out of the box.
TLS Registry also provides features like automatic certificate reloading, Let's Encrypt (ACME) integration, Kubernetes Cert-Manager support, and compatibility with various keystore formats, such as PKCS12, PEM, and JKS.

[#using-the-tls-registry]
[[using-the-tls-registry]]
== Using the TLS registry

To configure a TLS connection, including key and truststores, use the `+quarkus.tls.*+` properties.
Expand Down Expand Up @@ -126,7 +126,7 @@ quarkus.grpc.server.plain-text=false
+
This configuration enables mTLS by ensuring that both the server and client validate each other's certificates, which provides an additional layer of security.

[#referencing-a-tls-configuration]
[[referencing-a-tls-configuration]]
== Referencing a TLS configuration

To reference an example _named_ configuration that you created by using the `quarkus.tls.<name>.*` properties as explained in <<using-the-tls-registry>>
Expand Down Expand Up @@ -257,7 +257,7 @@ quarkus.tls.key-store.jks.alias-password=my-alias-password
* Alternatively, use SNI to select the appropriate certificate and private key.
Note that all keys must use the same password.

Check warning on line 258 in docs/src/main/asciidoc/tls-registry-reference.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.Fluff] Depending on the context, consider using 'Be concise: rewrite the sentence to not use' rather than 'Note that'. Raw Output: {"message": "[Quarkus.Fluff] Depending on the context, consider using 'Be concise: rewrite the sentence to not use' rather than 'Note that'.", "location": {"path": "docs/src/main/asciidoc/tls-registry-reference.adoc", "range": {"start": {"line": 258, "column": 1}}}, "severity": "INFO"}

[#sni]
[[sni]]
==== SNI

Check warning on line 261 in docs/src/main/asciidoc/tls-registry-reference.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.Headings] Use sentence-style capitalization in '3.1.4. SNI'. Raw Output: {"message": "[Quarkus.Headings] Use sentence-style capitalization in '3.1.4. SNI'.", "location": {"path": "docs/src/main/asciidoc/tls-registry-reference.adoc", "range": {"start": {"line": 261, "column": 1}}}, "severity": "INFO"}

Check warning on line 261 in docs/src/main/asciidoc/tls-registry-reference.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.HeadingPunctuation] Do not use end punctuation in headings. Raw Output: {"message": "[Quarkus.HeadingPunctuation] Do not use end punctuation in headings.", "location": {"path": "docs/src/main/asciidoc/tls-registry-reference.adoc", "range": {"start": {"line": 261, "column": 1}}}, "severity": "INFO"}

Server Name Indication (SNI) is a TLS extension that makes it possible for a client to specify the host name to which it attempts to connect during the TLS handshake.

Check warning on line 263 in docs/src/main/asciidoc/tls-registry-reference.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.TermsWarnings] Consider using 'hostname' rather than 'host name' unless updating existing content that uses the term. Raw Output: {"message": "[Quarkus.TermsWarnings] Consider using 'hostname' rather than 'host name' unless updating existing content that uses the term.", "location": {"path": "docs/src/main/asciidoc/tls-registry-reference.adoc", "range": {"start": {"line": 263, "column": 100}}}, "severity": "WARNING"}

Check warning on line 263 in docs/src/main/asciidoc/tls-registry-reference.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.TermsSuggestions] Depending on the context, consider using ', which (non restrictive clause preceded by a comma)' or 'that (restrictive clause without a comma)' rather than 'which'. Raw Output: {"message": "[Quarkus.TermsSuggestions] Depending on the context, consider using ', which (non restrictive clause preceded by a comma)' or 'that (restrictive clause without a comma)' rather than 'which'.", "location": {"path": "docs/src/main/asciidoc/tls-registry-reference.adoc", "range": {"start": {"line": 263, "column": 112}}}, "severity": "INFO"}
Expand Down Expand Up @@ -585,7 +585,7 @@ When an application that uses the TLS extension starts, the TLS registry perform

If any of these checks fail, the application will not start.

[#reloading-certificates]
[[reloading-certificates]]
== Reloading certificates

The `TlsConfiguration` obtained from the `TLSConfigurationRegistry` includes a mechanism for reloading certificates.
Expand Down Expand Up @@ -1267,12 +1267,11 @@ quarkus.http.insecure-requests=redirect
====

[[lets-encrypt-prepare]]

The challenge is served from the primary HTTP interface (accessible from your DNS domain name).

Check warning on line 1270 in docs/src/main/asciidoc/tls-registry-reference.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.CaseSensitiveTerms] Use 'management console' rather than 'HTTP interface'. Raw Output: {"message": "[Quarkus.CaseSensitiveTerms] Use 'management console' rather than 'HTTP interface'.", "location": {"path": "docs/src/main/asciidoc/tls-registry-reference.adoc", "range": {"start": {"line": 1270, "column": 42}}}, "severity": "INFO"}

IMPORTANT: Do not start your application yet.

[[lets-encrypt-prepare]]
=== Application preparation

Before you request a Let's Encrypt certificate:
Expand Down

0 comments on commit fa370b3

Please sign in to comment.