Merge pull request #750 from entando/ENDOC-302-tls-merge
ENDOC-302 Merge PR feedback
nshaw authored Jun 16, 2023
2 parents 48e7ea6 + 47d5abc commit a1481f2
Showing 2 changed files with 8 additions and 8 deletions.
4 changes: 2 additions & 2 deletions vuepress/docs/v7.2/tutorials/devops/manage-nginx.md
Expand Up @@ -63,7 +63,7 @@ Hostname: hello-app
```
Note that you will need the EXTERNAL-IP address of your ingress controller to configure the application.

7. Verify that you configured the ingress class in the Operator `ConfigMap` so Entando knows which ingress controller should be used:
7. Verify that you configured the `ingress.class` in the Operator `ConfigMap` so Entando knows which ingress controller should be used:

`entando.ingress.class: "nginx"`
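Review bot: In step 7 the new inline name `ingress.class` does not match the key shown on the following line, `entando.ingress.class`. Use the full key in the sentence so a reader searching the Operator `ConfigMap` finds the exact entry, or drop the inline name and let the example line carry it.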

Expand All @@ -74,7 +74,7 @@ kubectl delete deploy/hello-server service/hello-server ing/ingress-resource

## Customize the NGINX Configuration

There are situations where the default NGINX ingress configuration isn't optimized for Entando, e.g. JWT tokens can be too large or `proxy-buffer-size` can be too small. A `502 Bad Gateway` error may indicate that the config needs to be modified.
There are situations where the default NGINX ingress configuration isn't optimized for Entando, e.g., JWT tokens can be too large or `proxy-buffer-size` can be too small. A `502 Bad Gateway` error may indicate that the config needs to be modified.

The NGINX controller can be configured for the entire cluster by editing the default NGINX `ConfigMap`, called `ingress-nginx-controller` in the `ingress-nginx` namespace. Add the following to the data parameter:
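Review bot: In the context line after the changed sentence, "Add the following to the data parameter" leaves `data` unformatted, while this commit code-formats other field names. Write it as `data` and call it a field rather than a parameter, since it is the `data` map of the `ingress-nginx-controller` `ConfigMap`.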

12 changes: 6 additions & 6 deletions vuepress/docs/v7.2/tutorials/devops/tls-with-cert-mgr.md
Expand Up @@ -20,7 +20,7 @@ kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/
```

## Prepare an Issuer
An [Issuer](https://cert-manager.io/docs/concepts/issuer) defines *how* `cert-manager` will request TLS certificates. Issuers can either be specific to a single namespace or provided as a cluster-wide `ClusterIssuer`. The following steps are for a cluster-wide configuration using the [Let's Encrypt](https://letsencrypt.org/) automated certificate authority.
An [Issuer](https://cert-manager.io/docs/concepts/issuer) defines **how** `cert-manager` will request TLS certificates. Issuers can be either specific to a single namespace or provided as a cluster-wide `ClusterIssuer`. The following steps are for a cluster-wide configuration using the [Let's Encrypt](https://letsencrypt.org/) automated certificate authority.

1. Create a file `letsencrypt-prod-cluster.yaml` with the following content:
``` yaml
Expand All @@ -47,7 +47,7 @@ spec:

2. Replace `YOUR-EMAIL-ADDRESS` with your own email. This will be used by `Let's Encrypt` for certification expiration and update notifications.

3. (Optional) Change the issuer name from `letsencrypt-prod-cluster` to your preferred name. The name is needed when making the `Certificate` request below.
3. (Optional) Change the issuer name from `letsencrypt-prod-cluster` to your preferred name. The name is needed when creating the `Certificate` resource below.

4. Create the `ClusterIssuer`:
``` bash
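Review bot: Step 2 in the context above still reads "certification expiration" and code-formats `Let's Encrypt`, which is a service name and appears as a plain link earlier in this file. Since this pass is tightening wording, change it to "certificate expiration" and drop the backticks.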
Expand Down Expand Up @@ -86,7 +86,7 @@ spec:
- key encipherment
```

2. Set `YOUR-HOSTNAME` to match your environment. Update *issuerRef:name* to use the issuer name from above.
2. Set `YOUR-HOSTNAME` to match your environment. Update `issuerRef:name` to use the issuer name from above.
3. Create the certificate:
``` bash
kubectl apply -f certificate.yaml -n YOUR-NAMESPACE
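Review bot: In step 2, `issuerRef:name` is now code-formatted but is not a literal that appears in the manifest, and the colon form reads like a YAML line. Prefer the dotted path `issuerRef.name` (or the full `spec.issuerRef.name`), which also matches the dotted `ingress.class` style used in the other file of this commit.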
Expand All @@ -108,13 +108,13 @@ data:
```
> *Tip:* For a new Entando installation, the following steps (steps 2+) can be skipped. The operator will apply the TLS changes as part of the regular install process.

2. Two environment variables need to be updated when switching from a non-TLS configuration to a TLS configuration. Edit the `EntandoApp` resource and add the following environment variables with the correct values:
2. Two environment variables need to be updated when switching from a non-TLS configuration to a TLS configuration. Edit the `EntandoApp` custom resource and add the following environment variables with the correct values:
``` yaml
environmentVariables:
- name: KEYCLOAK_AUTH_URL
value: https://YOUR-APP-NAME.YOUR-HOST-NAME/auth
value: https://YOUR-HOST-NAME/auth
- name: SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OIDC_ISSUER_URI
value: https://YOUR-APP-NAME.YOUR-HOST-NAME/auth/realms/entando
value: https://YOUR-HOST-NAME/auth/realms/entando
```

3. Also add the following annotation:
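Review bot: The new URL values use the placeholder `YOUR-HOST-NAME`, but the certificate step earlier in this file uses `YOUR-HOSTNAME`. Both have to be the same host, since the certificate must cover the name used in `KEYCLOAK_AUTH_URL` and the OIDC issuer URI, so use one spelling and say in step 2 that it is the hostname set in `certificate.yaml`.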