geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From zho...@apache.org
Subject [09/40] geode git commit: GEODE-2809 Geode docs: Clarify SSL setup for client This closes #473
Date Thu, 27 Apr 2017 18:47:44 GMT
GEODE-2809 Geode docs: Clarify SSL setup for client
This closes #473


Project: http://git-wip-us.apache.org/repos/asf/geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/geode/commit/9f8ba8de
Tree: http://git-wip-us.apache.org/repos/asf/geode/tree/9f8ba8de
Diff: http://git-wip-us.apache.org/repos/asf/geode/diff/9f8ba8de

Branch: refs/heads/feature/GEM-1299
Commit: 9f8ba8de90e018c5c20f960447fd9b201e8fbcf1
Parents: 6eb9ff3
Author: Dave Barnes <dbarnes@pivotal.io>
Authored: Fri Apr 21 11:54:33 2017 -0700
Committer: Dave Barnes <dbarnes@pivotal.io>
Committed: Mon Apr 24 12:16:15 2017 -0700

----------------------------------------------------------------------
 .../managing/security/implementing_ssl.html.md.erb    | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/geode/blob/9f8ba8de/geode-docs/managing/security/implementing_ssl.html.md.erb
----------------------------------------------------------------------
diff --git a/geode-docs/managing/security/implementing_ssl.html.md.erb b/geode-docs/managing/security/implementing_ssl.html.md.erb
index c19b6d9..4894de7 100644
--- a/geode-docs/managing/security/implementing_ssl.html.md.erb
+++ b/geode-docs/managing/security/implementing_ssl.html.md.erb
@@ -66,13 +66,13 @@ You can use Geode configuration properties to enable or disable SSL, to
identify
 protocols, and to provide the location and credentials for key and trust stores.
 
 <dt>**ssl-enabled-components**</dt>
-<dd>list of components for which to enable SSL. "all" or comma-separated list of components</dd>
+<dd>List of components for which to enable SSL. Component list can be "all" or a comma-separated
list of components.</dd>
 
 <dt>**ssl-require-authentication**</dt>
-<dd>Requires two-way authentication, applies to all components except web. boolean
- if true (the default), two-way authentication is required.</dd>
+<dd>Requires two-way authentication, applies to all components except web. Boolean
- if true (the default), two-way authentication is required.</dd>
 
 <dt>**ssl-web-require-authentication**</dt>
-<dd>Requires two-way authentication for web component. boolean - if true, two-way authentication
is required. Default is false (one-way authentication only).</dd>
+<dd>Requires two-way authentication for web component. Boolean - if true, two-way authentication
is required. Default is false (one-way authentication only).</dd>
 
 <dt>**ssl-default-alias**</dt>
 <dd>A server uses one key store to hold its SSL certificates. All components on that
server can share a
@@ -151,9 +151,13 @@ ssl-default-alias=Locator-Cert
  
 **Client properties**
 
-The client's trust store must trust both locator and server certificates.
+On the client, the list of enabled components reflects the server's configuration so the
client
+knows how it is expected to communicate with (for example) servers and locators.  Paths to
keystore
+and truststore are local to the client.
 
-Since the client did not specify a certificate alias, SSL will use the default certificate
in its key store.
+In this example, the client's trust store must trust both locator and server certificates.
 Since
+the client does not specify a certificate alias, SSL will use the default certificate in
its key
+store.
 
 ``` pre
 ssl-enabled-components=server,locator


Mime
View raw message