Commit 02b5c69c authored by Patrick Steinhardt's avatar Patrick Steinhardt Committed by Evan Read

Improve docs about certificates when enabling TLS for Gitaly nodes

In order to configure Gitaly to communicate via TLS, its certificate
needs to be installed to all Gitaly nodes including itself as well as
all off its clients. The paragraph mentioning this is confusingly
worded, making it easy to miss its intention.

Reword the paragraph to make its intention clearer.
parent 5786170f
...@@ -415,9 +415,9 @@ with a Gitaly instance that listens for secure connections you will need to use ...@@ -415,9 +415,9 @@ with a Gitaly instance that listens for secure connections you will need to use
scheme in the `gitaly_address` of the corresponding storage entry in the GitLab configuration. scheme in the `gitaly_address` of the corresponding storage entry in the GitLab configuration.
You will need to bring your own certificates as this isn't provided automatically. You will need to bring your own certificates as this isn't provided automatically.
The certificate to be used needs to be installed on all Gitaly nodes, and the The certificate, or its certificate authority, must be installed on all Gitaly
certificate (or CA of certificate) on all nodes (including the Gitaly node using the certificate) and on all client nodes
client nodes that communicate with it following the procedure described in that communicate with it following the procedure described in
[GitLab custom certificate configuration](https://docs.gitlab.com/omnibus/settings/ssl.html#install-custom-public-certificates). [GitLab custom certificate configuration](https://docs.gitlab.com/omnibus/settings/ssl.html#install-custom-public-certificates).
NOTE: **Note** NOTE: **Note**
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment