Bug 1382153

Summary: [DOCS] Improve "Service Serving Certificate Secrets" feature docs
Product: OpenShift Container Platform Reporter: Alex Dellapenta <adellape>
Component: DocumentationAssignee: Ashley Hardin <ahardin>
Status: CLOSED CURRENTRELEASE QA Contact: zhou ying <yinzhou>
Severity: medium Docs Contact: Vikram Goyal <vigoyal>
Priority: medium    
Version: 3.3.0CC: adellape, aheslin, aos-bugs, deads, jokerman, mmccomas
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-04-13 17:00:23 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Alex Dellapenta 2016-10-05 21:46:17 UTC
Document URL: 

https://docs.openshift.com/container-platform/3.3/dev_guide/secrets.html#service-serving-certificate-secrets

Describe the issue: 

Usage information on this feature (currently Technology Preview in OCP 3.3) is sparse.

Suggestions for improvement: 

Needs more information around how the certificate is generated and maintained so people know what they are using. More information on how OCP life cycles the certificate and what AES/SHA it uses.

Additional information: 

SignatureAlgorithm: x509.SHA256WithRSA,

Feature is intended to support complex middleware apps that need out-of-the-box certificates. It's an x509 with the same settings as the server certs generated by the admin tooling for nodes and masters. To rotate, delete the cert and a new one will be created.

Comment 8 Ashley Hardin 2017-03-27 18:11:29 UTC
Work in progress:
https://github.com/openshift/openshift-docs/pull/4036

Comment 9 zhou ying 2017-03-31 01:18:18 UTC
Doc LGTM, so will verify this issue.

Comment 10 openshift-github-bot 2017-03-31 14:12:19 UTC
Commits pushed to master at https://github.com/openshift/openshift-docs

https://github.com/openshift/openshift-docs/commit/077befff403bcefb38225b800f673bfb56e0d9e7
Bug 1382153, Added more details to the Service Serving Certificate Secrets section

https://github.com/openshift/openshift-docs/commit/d97ecd2b4b1302505783ae6f7b693f9714a6a143
Merge pull request #4036 from ahardin-rh/improve-service-serving-certs-secrets

Bug 1382153, Added more details to the Service Serving Certificate Secrets section