)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":32187,"name":"Juanita-Balaraj","email":"juanita.balaraj@windriver.com","username":"jbalaraj"},"change_message_id":"b6391568c69aaa88be746dc24d9f71fd3f698ace","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":8,"id":"a4d28fa1_3c7477e2","updated":"2021-10-29 16:15:32.000000000","message":"As discussed, another review will be opened to address Editorial reviews","commit_id":"99b62b3308dc76da43a832030d9b4239dd04978b"},{"author":{"_account_id":28676,"name":"Andy Ning","email":"andy.ning@windriver.com","username":"andy.wrs"},"change_message_id":"21dc79262dac2ba7a8ffaa994026906d66720d64","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":8,"id":"b72c2f43_2e77e320","updated":"2021-10-22 18:34:26.000000000","message":"I\u0027ve tested the two examples (internal-ca-nodeport, and external-ca-ingress) and the findings have addressed. So vote +1.","commit_id":"99b62b3308dc76da43a832030d9b4239dd04978b"}],"doc/source/usertasks/kubernetes/index.rst":[{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":87,"context_line":"   kubernetes-user-tutorials-cert-manager"},{"line_number":88,"context_line":"   letsencrypt-example"},{"line_number":89,"context_line":"   internal-ca-and-nodeport-example"},{"line_number":90,"context_line":"   issuers-in-distributes-cloud"},{"line_number":91,"context_line":""},{"line_number":92,"context_line":"--------------------------------"},{"line_number":93,"context_line":"Vault secret and data management"}],"source_content_type":"text/x-rst","patch_set":1,"id":"d68ac474_932e9945","line":90,"range":{"start_line":90,"start_character":14,"end_line":90,"end_character":25},"updated":"2021-09-29 15:07:27.000000000","message":"distributed","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":87,"context_line":"   kubernetes-user-tutorials-cert-manager"},{"line_number":88,"context_line":"   letsencrypt-example"},{"line_number":89,"context_line":"   internal-ca-and-nodeport-example"},{"line_number":90,"context_line":"   issuers-in-distributes-cloud"},{"line_number":91,"context_line":""},{"line_number":92,"context_line":"--------------------------------"},{"line_number":93,"context_line":"Vault secret and data management"}],"source_content_type":"text/x-rst","patch_set":1,"id":"37fc6aaa_aa71af5e","line":90,"range":{"start_line":90,"start_character":14,"end_line":90,"end_character":25},"in_reply_to":"d68ac474_932e9945","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"}],"doc/source/usertasks/kubernetes/internal-ca-and-nodeport-example-2afa2a84603a.rst":[{"author":{"_account_id":28676,"name":"Andy Ning","email":"andy.ning@windriver.com","username":"andy.wrs"},"change_message_id":"a82886ed582e99f80087873cbe966fbe9db01dd4","unresolved":true,"context_lines":[{"line_number":34,"context_line":"            selfSigned: {}"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":""},{"line_number":37,"context_line":"        # Create a Certificate (and key) for my RootCA"},{"line_number":38,"context_line":"        apiVersion: cert-manager.io/v1alpha2"},{"line_number":39,"context_line":"        kind: Certificate"},{"line_number":40,"context_line":"        metadata:"}],"source_content_type":"text/x-rst","patch_set":6,"id":"492e86f2_8899e0a2","line":37,"updated":"2021-10-21 13:26:30.000000000","message":"Need \"---\" before the line of \"apiVersion ...\"","commit_id":"cd2414be7285324930fe6b3b36a086c8332f4460"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"a7c3559fa549419f6bbcfdefab23534278489fd6","unresolved":false,"context_lines":[{"line_number":34,"context_line":"            selfSigned: {}"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":""},{"line_number":37,"context_line":"        # Create a Certificate (and key) for my RootCA"},{"line_number":38,"context_line":"        apiVersion: cert-manager.io/v1alpha2"},{"line_number":39,"context_line":"        kind: Certificate"},{"line_number":40,"context_line":"        metadata:"}],"source_content_type":"text/x-rst","patch_set":6,"id":"fa93cc0a_e3020134","line":37,"in_reply_to":"492e86f2_8899e0a2","updated":"2021-10-21 19:47:09.000000000","message":"Done","commit_id":"cd2414be7285324930fe6b3b36a086c8332f4460"},{"author":{"_account_id":28676,"name":"Andy Ning","email":"andy.ning@windriver.com","username":"andy.wrs"},"change_message_id":"a82886ed582e99f80087873cbe966fbe9db01dd4","unresolved":true,"context_lines":[{"line_number":49,"context_line":"                kind: ClusterIssuer"},{"line_number":50,"context_line":""},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"        # Create the RootCA ISSUER"},{"line_number":53,"context_line":"        apiVersion: cert-manager.io/v1alpha2"},{"line_number":54,"context_line":"        kind: Issuer"},{"line_number":55,"context_line":"        metadata:"}],"source_content_type":"text/x-rst","patch_set":6,"id":"a876b946_79f4d1ea","line":52,"updated":"2021-10-21 13:26:30.000000000","message":"Need \"---\" before the line of \"apiVersion ...\"","commit_id":"cd2414be7285324930fe6b3b36a086c8332f4460"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"a7c3559fa549419f6bbcfdefab23534278489fd6","unresolved":false,"context_lines":[{"line_number":49,"context_line":"                kind: ClusterIssuer"},{"line_number":50,"context_line":""},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"        # Create the RootCA ISSUER"},{"line_number":53,"context_line":"        apiVersion: cert-manager.io/v1alpha2"},{"line_number":54,"context_line":"        kind: Issuer"},{"line_number":55,"context_line":"        metadata:"}],"source_content_type":"text/x-rst","patch_set":6,"id":"bcde8967_e242a27c","line":52,"in_reply_to":"a876b946_79f4d1ea","updated":"2021-10-21 19:47:09.000000000","message":"Done","commit_id":"cd2414be7285324930fe6b3b36a086c8332f4460"},{"author":{"_account_id":28676,"name":"Andy Ning","email":"andy.ning@windriver.com","username":"andy.wrs"},"change_message_id":"08381b30b1013d9f3ef2756126b825d3f4a53f15","unresolved":true,"context_lines":[{"line_number":25,"context_line":""},{"line_number":26,"context_line":"    .. code block:: none"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":"        # Create a cluster-wide ISSUER for create self-signed certificates"},{"line_number":29,"context_line":"        apiVersion: cert-manager.io/v1alpha2"},{"line_number":30,"context_line":"        kind: ClusterIssuer"},{"line_number":31,"context_line":"        metadata:"},{"line_number":32,"context_line":"            name: system-selfsigning-issuer"},{"line_number":33,"context_line":"        spec:"},{"line_number":34,"context_line":"            selfSigned: {}"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":""},{"line_number":37,"context_line":"        # Create a Certificate (and key) for my RootCA"},{"line_number":38,"context_line":"        apiVersion: cert-manager.io/v1alpha2"},{"line_number":39,"context_line":"        kind: Certificate"},{"line_number":40,"context_line":"        metadata:"},{"line_number":41,"context_line":"            name: abccompany-starlingx-rootca-certificate"},{"line_number":42,"context_line":"        spec:"},{"line_number":43,"context_line":"            secretName: abccompany-starlingx-rootca-certificate"},{"line_number":44,"context_line":"            duration: 8640h"},{"line_number":45,"context_line":"            commonName: \"abccompany-starlingx-rootca\""},{"line_number":46,"context_line":"            isCA: true"},{"line_number":47,"context_line":"            issuerRef:"},{"line_number":48,"context_line":"                name: system-selfsigning-issuer"},{"line_number":49,"context_line":"                kind: ClusterIssuer"},{"line_number":50,"context_line":""},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"        # Create the RootCA ISSUER"},{"line_number":53,"context_line":"        apiVersion: cert-manager.io/v1alpha2"},{"line_number":54,"context_line":"        kind: Issuer"},{"line_number":55,"context_line":"        metadata:"},{"line_number":56,"context_line":"            name: abccompany-starlingx-rootca-issuer"},{"line_number":57,"context_line":"        spec:"},{"line_number":58,"context_line":"            ca:"},{"line_number":59,"context_line":"                secretName: abccompany-starlingx-rootca-certificate"},{"line_number":60,"context_line":""},{"line_number":61,"context_line":"#.  Share the public certificate of your internal RootCA to clients such that"},{"line_number":62,"context_line":"    they can trust certificates signed by this RootCA."}],"source_content_type":"text/x-rst","patch_set":6,"id":"a437eef2_570ab171","line":59,"range":{"start_line":28,"start_character":0,"end_line":59,"end_character":67},"updated":"2021-10-20 21:46:24.000000000","message":"I don\u0027t see this in the generated webpage ... without this the example is not complete.","commit_id":"cd2414be7285324930fe6b3b36a086c8332f4460"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"a7c3559fa549419f6bbcfdefab23534278489fd6","unresolved":false,"context_lines":[{"line_number":25,"context_line":""},{"line_number":26,"context_line":"    .. code block:: none"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":"        # Create a cluster-wide ISSUER for create self-signed certificates"},{"line_number":29,"context_line":"        apiVersion: cert-manager.io/v1alpha2"},{"line_number":30,"context_line":"        kind: ClusterIssuer"},{"line_number":31,"context_line":"        metadata:"},{"line_number":32,"context_line":"            name: system-selfsigning-issuer"},{"line_number":33,"context_line":"        spec:"},{"line_number":34,"context_line":"            selfSigned: {}"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":""},{"line_number":37,"context_line":"        # Create a Certificate (and key) for my RootCA"},{"line_number":38,"context_line":"        apiVersion: cert-manager.io/v1alpha2"},{"line_number":39,"context_line":"        kind: Certificate"},{"line_number":40,"context_line":"        metadata:"},{"line_number":41,"context_line":"            name: abccompany-starlingx-rootca-certificate"},{"line_number":42,"context_line":"        spec:"},{"line_number":43,"context_line":"            secretName: abccompany-starlingx-rootca-certificate"},{"line_number":44,"context_line":"            duration: 8640h"},{"line_number":45,"context_line":"            commonName: \"abccompany-starlingx-rootca\""},{"line_number":46,"context_line":"            isCA: true"},{"line_number":47,"context_line":"            issuerRef:"},{"line_number":48,"context_line":"                name: system-selfsigning-issuer"},{"line_number":49,"context_line":"                kind: ClusterIssuer"},{"line_number":50,"context_line":""},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"        # Create the RootCA ISSUER"},{"line_number":53,"context_line":"        apiVersion: cert-manager.io/v1alpha2"},{"line_number":54,"context_line":"        kind: Issuer"},{"line_number":55,"context_line":"        metadata:"},{"line_number":56,"context_line":"            name: abccompany-starlingx-rootca-issuer"},{"line_number":57,"context_line":"        spec:"},{"line_number":58,"context_line":"            ca:"},{"line_number":59,"context_line":"                secretName: abccompany-starlingx-rootca-certificate"},{"line_number":60,"context_line":""},{"line_number":61,"context_line":"#.  Share the public certificate of your internal RootCA to clients such that"},{"line_number":62,"context_line":"    they can trust certificates signed by this RootCA."}],"source_content_type":"text/x-rst","patch_set":6,"id":"693cb296_ddb58224","line":59,"range":{"start_line":28,"start_character":0,"end_line":59,"end_character":67},"in_reply_to":"a437eef2_570ab171","updated":"2021-10-21 19:47:09.000000000","message":"Done","commit_id":"cd2414be7285324930fe6b3b36a086c8332f4460"},{"author":{"_account_id":28676,"name":"Andy Ning","email":"andy.ning@windriver.com","username":"andy.wrs"},"change_message_id":"08381b30b1013d9f3ef2756126b825d3f4a53f15","unresolved":true,"context_lines":[{"line_number":63,"context_line":""},{"line_number":64,"context_line":"    .. code block:: none"},{"line_number":65,"context_line":""},{"line_number":66,"context_line":"        CERT64\u003d`kubectl get secret abccompany-starlingx-rootca-certificate -n default -o yaml | fgrep tls.crt | fgrep -v \"f:tls.crt\" | awk \u0027{print $2}\u0027`"},{"line_number":67,"context_line":"        echo $CERT64 | base64 --decode \u003e abccompany-starlingx-rootca-certificate.pem"},{"line_number":68,"context_line":""},{"line_number":69,"context_line":"#.  Create a deployment of an example demo application that uses NodePort to"},{"line_number":70,"context_line":"    expose its service and therefore manages its |TLS| connection on its own,"}],"source_content_type":"text/x-rst","patch_set":6,"id":"58362a0d_33fbef49","line":67,"range":{"start_line":66,"start_character":0,"end_line":67,"end_character":84},"updated":"2021-10-20 21:46:24.000000000","message":"I don\u0027t see this in the generated webpage ... without this the example is not complete.","commit_id":"cd2414be7285324930fe6b3b36a086c8332f4460"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"a7c3559fa549419f6bbcfdefab23534278489fd6","unresolved":false,"context_lines":[{"line_number":63,"context_line":""},{"line_number":64,"context_line":"    .. code block:: none"},{"line_number":65,"context_line":""},{"line_number":66,"context_line":"        CERT64\u003d`kubectl get secret abccompany-starlingx-rootca-certificate -n default -o yaml | fgrep tls.crt | fgrep -v \"f:tls.crt\" | awk \u0027{print $2}\u0027`"},{"line_number":67,"context_line":"        echo $CERT64 | base64 --decode \u003e abccompany-starlingx-rootca-certificate.pem"},{"line_number":68,"context_line":""},{"line_number":69,"context_line":"#.  Create a deployment of an example demo application that uses NodePort to"},{"line_number":70,"context_line":"    expose its service and therefore manages its |TLS| connection on its own,"}],"source_content_type":"text/x-rst","patch_set":6,"id":"16a71103_10c68da4","line":67,"range":{"start_line":66,"start_character":0,"end_line":67,"end_character":84},"in_reply_to":"58362a0d_33fbef49","updated":"2021-10-21 19:47:09.000000000","message":"Done","commit_id":"cd2414be7285324930fe6b3b36a086c8332f4460"},{"author":{"_account_id":28676,"name":"Andy Ning","email":"andy.ning@windriver.com","username":"andy.wrs"},"change_message_id":"1c5ef9e45862234009e11e994b87c1bbdb84beb8","unresolved":true,"context_lines":[{"line_number":119,"context_line":"                imagePullPolicy: Always"},{"line_number":120,"context_line":"                ports:"},{"line_number":121,"context_line":"                - containerPort: 8443"},{"line_number":122,"context_line":"                  protocol: TCP"},{"line_number":123,"context_line":"                volumeMounts:"},{"line_number":124,"context_line":"                - name: mycert"},{"line_number":125,"context_line":"                  mountPath: \"/etc/mycert\"  # the files tls.crt, tls.key and ca.crt will be under /etc/mycert/ in container"}],"source_content_type":"text/x-rst","patch_set":6,"id":"cd766589_6dbc6937","line":122,"range":{"start_line":122,"start_character":18,"end_line":122,"end_character":31},"updated":"2021-10-21 14:21:16.000000000","message":"Not sure why, but in the generated webpage there is an extra space in front of \"protocol: TCP\", which will fail the yaml file apply.","commit_id":"cd2414be7285324930fe6b3b36a086c8332f4460"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"a7c3559fa549419f6bbcfdefab23534278489fd6","unresolved":false,"context_lines":[{"line_number":119,"context_line":"                imagePullPolicy: Always"},{"line_number":120,"context_line":"                ports:"},{"line_number":121,"context_line":"                - containerPort: 8443"},{"line_number":122,"context_line":"                  protocol: TCP"},{"line_number":123,"context_line":"                volumeMounts:"},{"line_number":124,"context_line":"                - name: mycert"},{"line_number":125,"context_line":"                  mountPath: \"/etc/mycert\"  # the files tls.crt, tls.key and ca.crt will be under /etc/mycert/ in container"}],"source_content_type":"text/x-rst","patch_set":6,"id":"a63eb17e_535e8ff3","line":122,"range":{"start_line":122,"start_character":18,"end_line":122,"end_character":31},"in_reply_to":"cd766589_6dbc6937","updated":"2021-10-21 19:47:09.000000000","message":"Done","commit_id":"cd2414be7285324930fe6b3b36a086c8332f4460"},{"author":{"_account_id":28676,"name":"Andy Ning","email":"andy.ning@windriver.com","username":"andy.wrs"},"change_message_id":"a82886ed582e99f80087873cbe966fbe9db01dd4","unresolved":true,"context_lines":[{"line_number":149,"context_line":"    with ``https://abccompany-starlingx.mycompany.com:31118``."},{"line_number":150,"context_line":""},{"line_number":151,"context_line":"    If you are using busybox to look at mounted cert files, attach to container"},{"line_number":152,"context_line":"    (e.g. ``kubectl attach busybox-… -c busybox -i -t`` and ``cd /etc/mycert;"},{"line_number":153,"context_line":"    ls``)."}],"source_content_type":"text/x-rst","patch_set":6,"id":"0b2d312b_6678e8c1","line":152,"range":{"start_line":152,"start_character":12,"end_line":152,"end_character":53},"updated":"2021-10-21 13:26:30.000000000","message":"use this command instead \"kubectl exec busybox-... -it -- sh\"","commit_id":"cd2414be7285324930fe6b3b36a086c8332f4460"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"a7c3559fa549419f6bbcfdefab23534278489fd6","unresolved":false,"context_lines":[{"line_number":149,"context_line":"    with ``https://abccompany-starlingx.mycompany.com:31118``."},{"line_number":150,"context_line":""},{"line_number":151,"context_line":"    If you are using busybox to look at mounted cert files, attach to container"},{"line_number":152,"context_line":"    (e.g. ``kubectl attach busybox-… -c busybox -i -t`` and ``cd /etc/mycert;"},{"line_number":153,"context_line":"    ls``)."}],"source_content_type":"text/x-rst","patch_set":6,"id":"d27ca84d_9509643c","line":152,"range":{"start_line":152,"start_character":12,"end_line":152,"end_character":53},"in_reply_to":"0b2d312b_6678e8c1","updated":"2021-10-21 19:47:09.000000000","message":"Done","commit_id":"cd2414be7285324930fe6b3b36a086c8332f4460"}],"doc/source/usertasks/kubernetes/internal-ca-and-nodeport-example.rst":[{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":5,"context_line":"Internal CA and NodePort Example"},{"line_number":6,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":7,"context_line":""},{"line_number":8,"context_line":"The following is an example of  how to configure an application to use NodePort"},{"line_number":9,"context_line":"to expose its self-managed TLS-based service and to use an Internal CA for"},{"line_number":10,"context_line":"signing CERTIFICATEs."},{"line_number":11,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"f71c5e3f_56fd817a","line":8,"range":{"start_line":8,"start_character":0,"end_line":8,"end_character":32},"updated":"2021-09-29 15:07:27.000000000","message":"This guide provides an example of how\n(delete extra space between \"of how\")","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":5,"context_line":"Internal CA and NodePort Example"},{"line_number":6,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":7,"context_line":""},{"line_number":8,"context_line":"The following is an example of  how to configure an application to use NodePort"},{"line_number":9,"context_line":"to expose its self-managed TLS-based service and to use an Internal CA for"},{"line_number":10,"context_line":"signing CERTIFICATEs."},{"line_number":11,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"82b74187_42c84809","line":8,"range":{"start_line":8,"start_character":0,"end_line":8,"end_character":32},"in_reply_to":"f71c5e3f_56fd817a","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":6,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":7,"context_line":""},{"line_number":8,"context_line":"The following is an example of  how to configure an application to use NodePort"},{"line_number":9,"context_line":"to expose its self-managed TLS-based service and to use an Internal CA for"},{"line_number":10,"context_line":"signing CERTIFICATEs."},{"line_number":11,"context_line":""},{"line_number":12,"context_line":"Note that alternatively an External CA could be used with a NodePort -based"}],"source_content_type":"text/x-rst","patch_set":1,"id":"05656297_adb044ca","line":9,"range":{"start_line":9,"start_character":27,"end_line":9,"end_character":30},"updated":"2021-09-29 15:07:27.000000000","message":"|TLS|","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":6,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":7,"context_line":""},{"line_number":8,"context_line":"The following is an example of  how to configure an application to use NodePort"},{"line_number":9,"context_line":"to expose its self-managed TLS-based service and to use an Internal CA for"},{"line_number":10,"context_line":"signing CERTIFICATEs."},{"line_number":11,"context_line":""},{"line_number":12,"context_line":"Note that alternatively an External CA could be used with a NodePort -based"}],"source_content_type":"text/x-rst","patch_set":1,"id":"58c8215b_17d08c2a","line":9,"range":{"start_line":9,"start_character":27,"end_line":9,"end_character":30},"in_reply_to":"05656297_adb044ca","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":9,"context_line":"to expose its self-managed TLS-based service and to use an Internal CA for"},{"line_number":10,"context_line":"signing CERTIFICATEs."},{"line_number":11,"context_line":""},{"line_number":12,"context_line":"Note that alternatively an External CA could be used with a NodePort -based"},{"line_number":13,"context_line":"solution as well."},{"line_number":14,"context_line":""},{"line_number":15,"context_line":".. rubric:: |prereq|"}],"source_content_type":"text/x-rst","patch_set":1,"id":"0b411a5d_1605030f","line":12,"range":{"start_line":12,"start_character":68,"end_line":12,"end_character":69},"updated":"2021-09-29 15:07:27.000000000","message":"delete extra space","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":9,"context_line":"to expose its self-managed TLS-based service and to use an Internal CA for"},{"line_number":10,"context_line":"signing CERTIFICATEs."},{"line_number":11,"context_line":""},{"line_number":12,"context_line":"Note that alternatively an External CA could be used with a NodePort -based"},{"line_number":13,"context_line":"solution as well."},{"line_number":14,"context_line":""},{"line_number":15,"context_line":".. rubric:: |prereq|"}],"source_content_type":"text/x-rst","patch_set":1,"id":"9c48f2c4_ee25e7b2","line":12,"range":{"start_line":12,"start_character":68,"end_line":12,"end_character":69},"in_reply_to":"0b411a5d_1605030f","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":16,"context_line":""},{"line_number":17,"context_line":"This example requires that:"},{"line_number":18,"context_line":""},{"line_number":19,"context_line":"-   Ensure that your Cloud Platform administrator has enabled use of the"},{"line_number":20,"context_line":"    cert-manager apiGroups in your |RBAC| policies."},{"line_number":21,"context_line":""},{"line_number":22,"context_line":".. rubric:: |proc|"}],"source_content_type":"text/x-rst","patch_set":1,"id":"33469dc9_db51f955","line":19,"range":{"start_line":19,"start_character":21,"end_line":19,"end_character":35},"updated":"2021-09-29 15:07:27.000000000","message":"Change to the correct variable","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":16,"context_line":""},{"line_number":17,"context_line":"This example requires that:"},{"line_number":18,"context_line":""},{"line_number":19,"context_line":"-   Ensure that your Cloud Platform administrator has enabled use of the"},{"line_number":20,"context_line":"    cert-manager apiGroups in your |RBAC| policies."},{"line_number":21,"context_line":""},{"line_number":22,"context_line":".. rubric:: |proc|"}],"source_content_type":"text/x-rst","patch_set":1,"id":"99e59f71_02366c0c","line":19,"range":{"start_line":19,"start_character":21,"end_line":19,"end_character":35},"in_reply_to":"33469dc9_db51f955","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":60,"context_line":"                secretName: abccompany-starlingx-rootca-certificate"},{"line_number":61,"context_line":""},{"line_number":62,"context_line":"#.  Share the public certificate of your Internal RootCA to clients such that"},{"line_number":63,"context_line":"    they can trust certificates signed by this RootCA"},{"line_number":64,"context_line":""},{"line_number":65,"context_line":"    .. code block:: none"},{"line_number":66,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"08b5fe66_5b43d2aa","line":63,"range":{"start_line":63,"start_character":47,"end_line":63,"end_character":53},"updated":"2021-09-29 15:07:27.000000000","message":"add . at end of sentence","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":60,"context_line":"                secretName: abccompany-starlingx-rootca-certificate"},{"line_number":61,"context_line":""},{"line_number":62,"context_line":"#.  Share the public certificate of your Internal RootCA to clients such that"},{"line_number":63,"context_line":"    they can trust certificates signed by this RootCA"},{"line_number":64,"context_line":""},{"line_number":65,"context_line":"    .. code block:: none"},{"line_number":66,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"56a65b14_5c6b8747","line":63,"range":{"start_line":63,"start_character":47,"end_line":63,"end_character":53},"in_reply_to":"08b5fe66_5b43d2aa","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":67,"context_line":"        CERT64\u003d`kubectl get secret abccompany-starlingx-rootca-certificate -n default -o yaml | fgrep tls.crt | fgrep -v \"f:tls.crt\" | awk \u0027{print $2}\u0027`"},{"line_number":68,"context_line":"        echo $CERT64 | base64 --decode \u003e abccompany-starlingx-rootca-certificate.pem"},{"line_number":69,"context_line":""},{"line_number":70,"context_line":"#.  Create a deployment of an example demo application which uses NodePort to"},{"line_number":71,"context_line":"    expose its service and therefore manages its TLS connection on its own,"},{"line_number":72,"context_line":"    using a certificate it creates on its own."},{"line_number":73,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"68d51223_45c2830b","line":70,"range":{"start_line":70,"start_character":55,"end_line":70,"end_character":61},"updated":"2021-09-29 15:07:27.000000000","message":"that","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":67,"context_line":"        CERT64\u003d`kubectl get secret abccompany-starlingx-rootca-certificate -n default -o yaml | fgrep tls.crt | fgrep -v \"f:tls.crt\" | awk \u0027{print $2}\u0027`"},{"line_number":68,"context_line":"        echo $CERT64 | base64 --decode \u003e abccompany-starlingx-rootca-certificate.pem"},{"line_number":69,"context_line":""},{"line_number":70,"context_line":"#.  Create a deployment of an example demo application which uses NodePort to"},{"line_number":71,"context_line":"    expose its service and therefore manages its TLS connection on its own,"},{"line_number":72,"context_line":"    using a certificate it creates on its own."},{"line_number":73,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"3934f973_2cef222e","line":70,"range":{"start_line":70,"start_character":55,"end_line":70,"end_character":61},"in_reply_to":"68d51223_45c2830b","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":68,"context_line":"        echo $CERT64 | base64 --decode \u003e abccompany-starlingx-rootca-certificate.pem"},{"line_number":69,"context_line":""},{"line_number":70,"context_line":"#.  Create a deployment of an example demo application which uses NodePort to"},{"line_number":71,"context_line":"    expose its service and therefore manages its TLS connection on its own,"},{"line_number":72,"context_line":"    using a certificate it creates on its own."},{"line_number":73,"context_line":""},{"line_number":74,"context_line":"    Apply the following manifest."}],"source_content_type":"text/x-rst","patch_set":1,"id":"08e4f501_381364bc","line":71,"range":{"start_line":71,"start_character":49,"end_line":71,"end_character":52},"updated":"2021-09-29 15:07:27.000000000","message":"|TLS|","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":68,"context_line":"        echo $CERT64 | base64 --decode \u003e abccompany-starlingx-rootca-certificate.pem"},{"line_number":69,"context_line":""},{"line_number":70,"context_line":"#.  Create a deployment of an example demo application which uses NodePort to"},{"line_number":71,"context_line":"    expose its service and therefore manages its TLS connection on its own,"},{"line_number":72,"context_line":"    using a certificate it creates on its own."},{"line_number":73,"context_line":""},{"line_number":74,"context_line":"    Apply the following manifest."}],"source_content_type":"text/x-rst","patch_set":1,"id":"373f3b3d_80c7ec8d","line":71,"range":{"start_line":71,"start_character":49,"end_line":71,"end_character":52},"in_reply_to":"08e4f501_381364bc","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":73,"context_line":""},{"line_number":74,"context_line":"    Apply the following manifest."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"    Where 10.10.10.45 is the OAM Floating IP of the Cloud Platform and"},{"line_number":77,"context_line":"    ‘abccompany-starlingx.mycompany.com’ is the FQDN for this address."},{"line_number":78,"context_line":""},{"line_number":79,"context_line":"    (You should substitute with the IP Address and FQDN for your Cloud Platform"}],"source_content_type":"text/x-rst","patch_set":1,"id":"3bcfa816_8319e755","line":76,"range":{"start_line":76,"start_character":52,"end_line":76,"end_character":66},"updated":"2021-09-29 15:07:27.000000000","message":"Change to the correct variable.","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":73,"context_line":""},{"line_number":74,"context_line":"    Apply the following manifest."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"    Where 10.10.10.45 is the OAM Floating IP of the Cloud Platform and"},{"line_number":77,"context_line":"    ‘abccompany-starlingx.mycompany.com’ is the FQDN for this address."},{"line_number":78,"context_line":""},{"line_number":79,"context_line":"    (You should substitute with the IP Address and FQDN for your Cloud Platform"}],"source_content_type":"text/x-rst","patch_set":1,"id":"9bb46de5_01a0c9a9","line":76,"range":{"start_line":76,"start_character":10,"end_line":76,"end_character":21},"updated":"2021-09-29 15:07:27.000000000","message":"wrap in double-back-ticks ``10.10.10.45``","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":73,"context_line":""},{"line_number":74,"context_line":"    Apply the following manifest."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"    Where 10.10.10.45 is the OAM Floating IP of the Cloud Platform and"},{"line_number":77,"context_line":"    ‘abccompany-starlingx.mycompany.com’ is the FQDN for this address."},{"line_number":78,"context_line":""},{"line_number":79,"context_line":"    (You should substitute with the IP Address and FQDN for your Cloud Platform"}],"source_content_type":"text/x-rst","patch_set":1,"id":"14bd2602_20781f90","line":76,"range":{"start_line":76,"start_character":52,"end_line":76,"end_character":66},"in_reply_to":"3bcfa816_8319e755","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":73,"context_line":""},{"line_number":74,"context_line":"    Apply the following manifest."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"    Where 10.10.10.45 is the OAM Floating IP of the Cloud Platform and"},{"line_number":77,"context_line":"    ‘abccompany-starlingx.mycompany.com’ is the FQDN for this address."},{"line_number":78,"context_line":""},{"line_number":79,"context_line":"    (You should substitute with the IP Address and FQDN for your Cloud Platform"}],"source_content_type":"text/x-rst","patch_set":1,"id":"482dbb2c_cc6c60be","line":76,"range":{"start_line":76,"start_character":10,"end_line":76,"end_character":21},"in_reply_to":"9bb46de5_01a0c9a9","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":74,"context_line":"    Apply the following manifest."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"    Where 10.10.10.45 is the OAM Floating IP of the Cloud Platform and"},{"line_number":77,"context_line":"    ‘abccompany-starlingx.mycompany.com’ is the FQDN for this address."},{"line_number":78,"context_line":""},{"line_number":79,"context_line":"    (You should substitute with the IP Address and FQDN for your Cloud Platform"},{"line_number":80,"context_line":"    installation.)"}],"source_content_type":"text/x-rst","patch_set":1,"id":"3afd7cf1_d81691bc","line":77,"range":{"start_line":77,"start_character":4,"end_line":77,"end_character":40},"updated":"2021-09-29 15:07:27.000000000","message":"wrap in double-back-ticks","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":74,"context_line":"    Apply the following manifest."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"    Where 10.10.10.45 is the OAM Floating IP of the Cloud Platform and"},{"line_number":77,"context_line":"    ‘abccompany-starlingx.mycompany.com’ is the FQDN for this address."},{"line_number":78,"context_line":""},{"line_number":79,"context_line":"    (You should substitute with the IP Address and FQDN for your Cloud Platform"},{"line_number":80,"context_line":"    installation.)"}],"source_content_type":"text/x-rst","patch_set":1,"id":"7bbcab4c_dca88680","line":77,"range":{"start_line":77,"start_character":4,"end_line":77,"end_character":40},"in_reply_to":"3afd7cf1_d81691bc","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":76,"context_line":"    Where 10.10.10.45 is the OAM Floating IP of the Cloud Platform and"},{"line_number":77,"context_line":"    ‘abccompany-starlingx.mycompany.com’ is the FQDN for this address."},{"line_number":78,"context_line":""},{"line_number":79,"context_line":"    (You should substitute with the IP Address and FQDN for your Cloud Platform"},{"line_number":80,"context_line":"    installation.)"},{"line_number":81,"context_line":""},{"line_number":82,"context_line":"    .. code-block:: none"}],"source_content_type":"text/x-rst","patch_set":1,"id":"1e9cd8b4_7b3aba42","line":79,"range":{"start_line":79,"start_character":65,"end_line":79,"end_character":79},"updated":"2021-09-29 15:07:27.000000000","message":"variable","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":76,"context_line":"    Where 10.10.10.45 is the OAM Floating IP of the Cloud Platform and"},{"line_number":77,"context_line":"    ‘abccompany-starlingx.mycompany.com’ is the FQDN for this address."},{"line_number":78,"context_line":""},{"line_number":79,"context_line":"    (You should substitute with the IP Address and FQDN for your Cloud Platform"},{"line_number":80,"context_line":"    installation.)"},{"line_number":81,"context_line":""},{"line_number":82,"context_line":"    .. code-block:: none"}],"source_content_type":"text/x-rst","patch_set":1,"id":"b5e55d48_ca114c7d","line":79,"range":{"start_line":79,"start_character":51,"end_line":79,"end_character":56},"updated":"2021-09-29 15:07:27.000000000","message":"|FQDN|","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":76,"context_line":"    Where 10.10.10.45 is the OAM Floating IP of the Cloud Platform and"},{"line_number":77,"context_line":"    ‘abccompany-starlingx.mycompany.com’ is the FQDN for this address."},{"line_number":78,"context_line":""},{"line_number":79,"context_line":"    (You should substitute with the IP Address and FQDN for your Cloud Platform"},{"line_number":80,"context_line":"    installation.)"},{"line_number":81,"context_line":""},{"line_number":82,"context_line":"    .. code-block:: none"}],"source_content_type":"text/x-rst","patch_set":1,"id":"19065fb7_9ba985b6","line":79,"range":{"start_line":79,"start_character":65,"end_line":79,"end_character":79},"in_reply_to":"1e9cd8b4_7b3aba42","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":76,"context_line":"    Where 10.10.10.45 is the OAM Floating IP of the Cloud Platform and"},{"line_number":77,"context_line":"    ‘abccompany-starlingx.mycompany.com’ is the FQDN for this address."},{"line_number":78,"context_line":""},{"line_number":79,"context_line":"    (You should substitute with the IP Address and FQDN for your Cloud Platform"},{"line_number":80,"context_line":"    installation.)"},{"line_number":81,"context_line":""},{"line_number":82,"context_line":"    .. code-block:: none"}],"source_content_type":"text/x-rst","patch_set":1,"id":"9b8cdacf_b63b6ddd","line":79,"range":{"start_line":79,"start_character":51,"end_line":79,"end_character":56},"in_reply_to":"b5e55d48_ca114c7d","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":146,"context_line":"          selector:"},{"line_number":147,"context_line":"            app: example-app"},{"line_number":148,"context_line":""},{"line_number":149,"context_line":"#.  In theory, if example-app existed, you would access it from your browser"},{"line_number":150,"context_line":"    with `https://abccompany-starlingx.mycompany.com:31118"},{"line_number":151,"context_line":"    \u003chttps://abccompany-starlingx.mycompany.com:31118\u003e`__."},{"line_number":152,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"d45e037e_8337d142","line":149,"range":{"start_line":149,"start_character":4,"end_line":149,"end_character":18},"updated":"2021-09-29 15:07:27.000000000","message":"Change to If","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":146,"context_line":"          selector:"},{"line_number":147,"context_line":"            app: example-app"},{"line_number":148,"context_line":""},{"line_number":149,"context_line":"#.  In theory, if example-app existed, you would access it from your browser"},{"line_number":150,"context_line":"    with `https://abccompany-starlingx.mycompany.com:31118"},{"line_number":151,"context_line":"    \u003chttps://abccompany-starlingx.mycompany.com:31118\u003e`__."},{"line_number":152,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"423bea58_ea900d15","line":149,"range":{"start_line":149,"start_character":4,"end_line":149,"end_character":18},"in_reply_to":"d45e037e_8337d142","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":150,"context_line":"    with `https://abccompany-starlingx.mycompany.com:31118"},{"line_number":151,"context_line":"    \u003chttps://abccompany-starlingx.mycompany.com:31118\u003e`__."},{"line_number":152,"context_line":""},{"line_number":153,"context_line":"    If using busybox to look at mounted cert files, attach to container (e.g."},{"line_number":154,"context_line":"    ‘kubectl attach busybox-… -c busybox -i -t’) and ‘cd /etc/mycert; ls’"}],"source_content_type":"text/x-rst","patch_set":1,"id":"d528ad92_837df2a5","line":153,"range":{"start_line":153,"start_character":7,"end_line":153,"end_character":13},"updated":"2021-09-29 15:07:27.000000000","message":"you are using","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":150,"context_line":"    with `https://abccompany-starlingx.mycompany.com:31118"},{"line_number":151,"context_line":"    \u003chttps://abccompany-starlingx.mycompany.com:31118\u003e`__."},{"line_number":152,"context_line":""},{"line_number":153,"context_line":"    If using busybox to look at mounted cert files, attach to container (e.g."},{"line_number":154,"context_line":"    ‘kubectl attach busybox-… -c busybox -i -t’) and ‘cd /etc/mycert; ls’"}],"source_content_type":"text/x-rst","patch_set":1,"id":"27720ba6_db9bc476","line":153,"range":{"start_line":153,"start_character":7,"end_line":153,"end_character":13},"in_reply_to":"d528ad92_837df2a5","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":151,"context_line":"    \u003chttps://abccompany-starlingx.mycompany.com:31118\u003e`__."},{"line_number":152,"context_line":""},{"line_number":153,"context_line":"    If using busybox to look at mounted cert files, attach to container (e.g."},{"line_number":154,"context_line":"    ‘kubectl attach busybox-… -c busybox -i -t’) and ‘cd /etc/mycert; ls’"}],"source_content_type":"text/x-rst","patch_set":1,"id":"40c87d14_b764df02","line":154,"range":{"start_line":154,"start_character":4,"end_line":154,"end_character":47},"updated":"2021-09-29 15:07:27.000000000","message":"wrap in double-back-ticks","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":151,"context_line":"    \u003chttps://abccompany-starlingx.mycompany.com:31118\u003e`__."},{"line_number":152,"context_line":""},{"line_number":153,"context_line":"    If using busybox to look at mounted cert files, attach to container (e.g."},{"line_number":154,"context_line":"    ‘kubectl attach busybox-… -c busybox -i -t’) and ‘cd /etc/mycert; ls’"}],"source_content_type":"text/x-rst","patch_set":1,"id":"6638254d_922db36f","line":154,"range":{"start_line":154,"start_character":54,"end_line":154,"end_character":72},"updated":"2021-09-29 15:07:27.000000000","message":"wrap in double-back-ticks\nCheck the text  here, it seems to stop suddenly? \nAdd . end of sentence","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":151,"context_line":"    \u003chttps://abccompany-starlingx.mycompany.com:31118\u003e`__."},{"line_number":152,"context_line":""},{"line_number":153,"context_line":"    If using busybox to look at mounted cert files, attach to container (e.g."},{"line_number":154,"context_line":"    ‘kubectl attach busybox-… -c busybox -i -t’) and ‘cd /etc/mycert; ls’"}],"source_content_type":"text/x-rst","patch_set":1,"id":"5fd6115e_d613011d","line":154,"range":{"start_line":154,"start_character":4,"end_line":154,"end_character":47},"in_reply_to":"40c87d14_b764df02","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":151,"context_line":"    \u003chttps://abccompany-starlingx.mycompany.com:31118\u003e`__."},{"line_number":152,"context_line":""},{"line_number":153,"context_line":"    If using busybox to look at mounted cert files, attach to container (e.g."},{"line_number":154,"context_line":"    ‘kubectl attach busybox-… -c busybox -i -t’) and ‘cd /etc/mycert; ls’"}],"source_content_type":"text/x-rst","patch_set":1,"id":"aa82336e_083404e8","line":154,"range":{"start_line":154,"start_character":54,"end_line":154,"end_character":72},"in_reply_to":"6638254d_922db36f","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":31292,"name":"ayyappa","email":"ayyappa.mantri@windriver.com","username":"amantri"},"change_message_id":"3d09fa0c37d7f7a0394a66d573801d4084299b3e","unresolved":true,"context_lines":[{"line_number":120,"context_line":"                imagePullPolicy: Always"},{"line_number":121,"context_line":"                ports:"},{"line_number":122,"context_line":"                - containerPort: 8443"},{"line_number":123,"context_line":"                   protocol: TCP"},{"line_number":124,"context_line":"                volumeMounts:"},{"line_number":125,"context_line":"                - name: mycert"},{"line_number":126,"context_line":"                  mountPath: \"/etc/mycert\"  # the files tls.crt, tls.key and ca.crt will be under /etc/mycert/ in container"}],"source_content_type":"text/x-rst","patch_set":4,"id":"be780390_e6052965","line":123,"updated":"2021-10-06 15:15:13.000000000","message":"remove one space before \"protocol\"","commit_id":"ca07bcc745adab709657736cabfa24d7b5a9dfaa"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"70a69db0aff47803bd38d66e22b0fbfbb74435b5","unresolved":false,"context_lines":[{"line_number":120,"context_line":"                imagePullPolicy: Always"},{"line_number":121,"context_line":"                ports:"},{"line_number":122,"context_line":"                - containerPort: 8443"},{"line_number":123,"context_line":"                   protocol: TCP"},{"line_number":124,"context_line":"                volumeMounts:"},{"line_number":125,"context_line":"                - name: mycert"},{"line_number":126,"context_line":"                  mountPath: \"/etc/mycert\"  # the files tls.crt, tls.key and ca.crt will be under /etc/mycert/ in container"}],"source_content_type":"text/x-rst","patch_set":4,"id":"4eedbd04_aab60b17","line":123,"in_reply_to":"be780390_e6052965","updated":"2021-10-06 18:07:48.000000000","message":"Done","commit_id":"ca07bcc745adab709657736cabfa24d7b5a9dfaa"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":1,"context_line":""},{"line_number":2,"context_line":".. _internal-ca-and-nodeport-example:"},{"line_number":3,"context_line":""},{"line_number":4,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":5,"context_line":"Internal CA and NodePort Example"}],"source_content_type":"text/x-rst","patch_set":5,"id":"db180329_5800e6ec","line":2,"range":{"start_line":2,"start_character":3,"end_line":2,"end_character":36},"updated":"2021-10-12 11:56:57.000000000","message":"Please generate a new file name and label with \u0027tox -e newfile\u0027","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":1,"context_line":""},{"line_number":2,"context_line":".. _internal-ca-and-nodeport-example:"},{"line_number":3,"context_line":""},{"line_number":4,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":5,"context_line":"Internal CA and NodePort Example"}],"source_content_type":"text/x-rst","patch_set":5,"id":"8db12e81_ec01e6a6","line":2,"range":{"start_line":2,"start_character":3,"end_line":2,"end_character":36},"in_reply_to":"db180329_5800e6ec","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":5,"context_line":"Internal CA and NodePort Example"},{"line_number":6,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":7,"context_line":""},{"line_number":8,"context_line":"This guide provides an example of how to configure an application to use"},{"line_number":9,"context_line":"NodePort to expose its self-managed |TLS|-based service and to use an Internal"},{"line_number":10,"context_line":"CA for signing CERTIFICATEs."},{"line_number":11,"context_line":""}],"source_content_type":"text/x-rst","patch_set":5,"id":"94e7256a_a9fa2a1b","line":8,"range":{"start_line":8,"start_character":5,"end_line":8,"end_character":11},"updated":"2021-10-12 11:56:57.000000000","message":"section","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":5,"context_line":"Internal CA and NodePort Example"},{"line_number":6,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":7,"context_line":""},{"line_number":8,"context_line":"This guide provides an example of how to configure an application to use"},{"line_number":9,"context_line":"NodePort to expose its self-managed |TLS|-based service and to use an Internal"},{"line_number":10,"context_line":"CA for signing CERTIFICATEs."},{"line_number":11,"context_line":""}],"source_content_type":"text/x-rst","patch_set":5,"id":"b0f945e3_e9b23260","line":8,"range":{"start_line":8,"start_character":5,"end_line":8,"end_character":11},"in_reply_to":"94e7256a_a9fa2a1b","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":7,"context_line":""},{"line_number":8,"context_line":"This guide provides an example of how to configure an application to use"},{"line_number":9,"context_line":"NodePort to expose its self-managed |TLS|-based service and to use an Internal"},{"line_number":10,"context_line":"CA for signing CERTIFICATEs."},{"line_number":11,"context_line":""},{"line_number":12,"context_line":"Note that alternatively an External CA could be used with a NodePort-based"},{"line_number":13,"context_line":"solution as well."}],"source_content_type":"text/x-rst","patch_set":5,"id":"3ccca6cd_4c463be0","line":10,"range":{"start_line":10,"start_character":0,"end_line":10,"end_character":3},"updated":"2021-10-12 11:56:57.000000000","message":"|CA|","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":7,"context_line":""},{"line_number":8,"context_line":"This guide provides an example of how to configure an application to use"},{"line_number":9,"context_line":"NodePort to expose its self-managed |TLS|-based service and to use an Internal"},{"line_number":10,"context_line":"CA for signing CERTIFICATEs."},{"line_number":11,"context_line":""},{"line_number":12,"context_line":"Note that alternatively an External CA could be used with a NodePort-based"},{"line_number":13,"context_line":"solution as well."}],"source_content_type":"text/x-rst","patch_set":5,"id":"8261d432_848cf9f6","line":10,"range":{"start_line":10,"start_character":0,"end_line":10,"end_character":3},"in_reply_to":"3ccca6cd_4c463be0","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":59,"context_line":"            ca:"},{"line_number":60,"context_line":"                secretName: abccompany-starlingx-rootca-certificate"},{"line_number":61,"context_line":""},{"line_number":62,"context_line":"#.  Share the public certificate of your Internal RootCA to clients such that"},{"line_number":63,"context_line":"    they can trust certificates signed by this RootCA."},{"line_number":64,"context_line":""},{"line_number":65,"context_line":"    .. code block:: none"}],"source_content_type":"text/x-rst","patch_set":5,"id":"c3c8408a_8512904d","line":62,"range":{"start_line":62,"start_character":41,"end_line":62,"end_character":50},"updated":"2021-10-12 11:56:57.000000000","message":"internal (lower case)","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":59,"context_line":"            ca:"},{"line_number":60,"context_line":"                secretName: abccompany-starlingx-rootca-certificate"},{"line_number":61,"context_line":""},{"line_number":62,"context_line":"#.  Share the public certificate of your Internal RootCA to clients such that"},{"line_number":63,"context_line":"    they can trust certificates signed by this RootCA."},{"line_number":64,"context_line":""},{"line_number":65,"context_line":"    .. code block:: none"}],"source_content_type":"text/x-rst","patch_set":5,"id":"33ee355d_ba62830f","line":62,"range":{"start_line":62,"start_character":41,"end_line":62,"end_character":50},"in_reply_to":"c3c8408a_8512904d","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":73,"context_line":""},{"line_number":74,"context_line":"    Apply the following manifest."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"    Where ``10.10.10.45`` is the OAM Floating IP of the |prod| and"},{"line_number":77,"context_line":"    ``abccompany-starlingx.mycompany.com`` is the |FQDN| for this address."},{"line_number":78,"context_line":""},{"line_number":79,"context_line":"    (You should substitute with the IP Address and |FQDN| for the |prod|"}],"source_content_type":"text/x-rst","patch_set":5,"id":"aca3af49_266b127f","line":76,"range":{"start_line":76,"start_character":33,"end_line":76,"end_character":37},"updated":"2021-10-12 11:56:57.000000000","message":"|OAM|","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":73,"context_line":""},{"line_number":74,"context_line":"    Apply the following manifest."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"    Where ``10.10.10.45`` is the OAM Floating IP of the |prod| and"},{"line_number":77,"context_line":"    ``abccompany-starlingx.mycompany.com`` is the |FQDN| for this address."},{"line_number":78,"context_line":""},{"line_number":79,"context_line":"    (You should substitute with the IP Address and |FQDN| for the |prod|"}],"source_content_type":"text/x-rst","patch_set":5,"id":"5757f147_b7263ce9","line":76,"range":{"start_line":76,"start_character":33,"end_line":76,"end_character":37},"in_reply_to":"aca3af49_266b127f","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":147,"context_line":"            app: example-app"},{"line_number":148,"context_line":""},{"line_number":149,"context_line":"#.  If example-app existed, you would access it from your browser"},{"line_number":150,"context_line":"    with `https://abccompany-starlingx.mycompany.com:31118"},{"line_number":151,"context_line":"    \u003chttps://abccompany-starlingx.mycompany.com:31118\u003e`__."},{"line_number":152,"context_line":""},{"line_number":153,"context_line":"    If you are using busybox to look at mounted cert files, attach to container"},{"line_number":154,"context_line":"    (e.g. ``kubectl attach busybox-… -c busybox -i -t`` and ``cd /etc/mycert;"}],"source_content_type":"text/x-rst","patch_set":5,"id":"c4c1ce92_5f88cfe4","line":151,"range":{"start_line":150,"start_character":9,"end_line":151,"end_character":57},"updated":"2021-10-12 11:56:57.000000000","message":"I don\u0027t think this should be a live link since it is an example that will not resolve if clicked. Maybe wrap in `` ... ``","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":147,"context_line":"            app: example-app"},{"line_number":148,"context_line":""},{"line_number":149,"context_line":"#.  If example-app existed, you would access it from your browser"},{"line_number":150,"context_line":"    with `https://abccompany-starlingx.mycompany.com:31118"},{"line_number":151,"context_line":"    \u003chttps://abccompany-starlingx.mycompany.com:31118\u003e`__."},{"line_number":152,"context_line":""},{"line_number":153,"context_line":"    If you are using busybox to look at mounted cert files, attach to container"},{"line_number":154,"context_line":"    (e.g. ``kubectl attach busybox-… -c busybox -i -t`` and ``cd /etc/mycert;"}],"source_content_type":"text/x-rst","patch_set":5,"id":"d9b60929_d7f19d78","line":151,"range":{"start_line":150,"start_character":9,"end_line":151,"end_character":57},"in_reply_to":"c4c1ce92_5f88cfe4","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"}],"doc/source/usertasks/kubernetes/issuers-in-distributed-cloud.rst":[{"author":{"_account_id":28676,"name":"Andy Ning","email":"andy.ning@windriver.com","username":"andy.wrs"},"change_message_id":"61e57b970c7a30a9912eadd1c6dc433f13ac365a","unresolved":true,"context_lines":[{"line_number":30,"context_line":"    -   This option is not ideal since this could mean 100s of RootCA"},{"line_number":31,"context_line":"        Certificates."},{"line_number":32,"context_line":""},{"line_number":33,"context_line":".. -    As part of your application deployment on each subcloud, use the"},{"line_number":34,"context_line":"        |prod|’s Intermediate CA ISSUER for that subcloud"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"}],"source_content_type":"text/x-rst","patch_set":4,"id":"665c3735_5cb90356","line":33,"updated":"2021-10-05 14:56:24.000000000","message":"This option doesn\u0027t show up in the generated web page. Is it intentional?","commit_id":"ca07bcc745adab709657736cabfa24d7b5a9dfaa"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"15eb57c62aad0400fee222b57805afa49144f1c9","unresolved":true,"context_lines":[{"line_number":30,"context_line":"    -   This option is not ideal since this could mean 100s of RootCA"},{"line_number":31,"context_line":"        Certificates."},{"line_number":32,"context_line":""},{"line_number":33,"context_line":".. -    As part of your application deployment on each subcloud, use the"},{"line_number":34,"context_line":"        |prod|’s Intermediate CA ISSUER for that subcloud"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"}],"source_content_type":"text/x-rst","patch_set":4,"id":"6d29b1e2_60a29398","line":33,"in_reply_to":"665c3735_5cb90356","updated":"2021-10-05 15:07:42.000000000","message":"Yes, Greg asked to hide this part as he did not finish this yet. He will review in the future.","commit_id":"ca07bcc745adab709657736cabfa24d7b5a9dfaa"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":1,"context_line":""},{"line_number":2,"context_line":".. _issuers-in-distributed-cloud:"},{"line_number":3,"context_line":""},{"line_number":4,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":5,"context_line":"Issuers in Distributed Cloud"}],"source_content_type":"text/x-rst","patch_set":5,"id":"70e9ec55_4d1e1473","line":2,"range":{"start_line":2,"start_character":3,"end_line":2,"end_character":32},"updated":"2021-10-12 11:56:57.000000000","message":"Please generate a new file name and label with \u0027tox -e newfile\u0027","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":1,"context_line":""},{"line_number":2,"context_line":".. _issuers-in-distributed-cloud:"},{"line_number":3,"context_line":""},{"line_number":4,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":5,"context_line":"Issuers in Distributed Cloud"}],"source_content_type":"text/x-rst","patch_set":5,"id":"d0453195_3e86eb1c","line":2,"range":{"start_line":2,"start_character":3,"end_line":2,"end_character":32},"in_reply_to":"70e9ec55_4d1e1473","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":9,"context_line":"options for the cert-manager ISSUERs they use:"},{"line_number":10,"context_line":""},{"line_number":11,"context_line":"-   (Recommended) As part of your application deployment on each subcloud,"},{"line_number":12,"context_line":"    create a cert-manager ISSUER for the External CA that you wish to use for"},{"line_number":13,"context_line":"    signing your certificates."},{"line_number":14,"context_line":""},{"line_number":15,"context_line":"    -   The External CA-type ISSUER is configured exactly the same way for"}],"source_content_type":"text/x-rst","patch_set":5,"id":"b4213aa6_c8524787","line":12,"range":{"start_line":12,"start_character":50,"end_line":12,"end_character":53},"updated":"2021-10-12 11:56:57.000000000","message":"|CA|","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":9,"context_line":"options for the cert-manager ISSUERs they use:"},{"line_number":10,"context_line":""},{"line_number":11,"context_line":"-   (Recommended) As part of your application deployment on each subcloud,"},{"line_number":12,"context_line":"    create a cert-manager ISSUER for the External CA that you wish to use for"},{"line_number":13,"context_line":"    signing your certificates."},{"line_number":14,"context_line":""},{"line_number":15,"context_line":"    -   The External CA-type ISSUER is configured exactly the same way for"}],"source_content_type":"text/x-rst","patch_set":5,"id":"3b8a5066_18c18fde","line":12,"range":{"start_line":12,"start_character":50,"end_line":12,"end_character":53},"in_reply_to":"b4213aa6_c8524787","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":33,"context_line":".. -    As part of your application deployment on each subcloud, use the"},{"line_number":34,"context_line":"        |prod|’s Intermediate CA ISSUER for that subcloud"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"},{"line_number":37,"context_line":"            hierarchy of CAs, anchored by a single RootCA at the"},{"line_number":38,"context_line":"            System Controller."},{"line_number":39,"context_line":""}],"source_content_type":"text/x-rst","patch_set":5,"id":"d4457287_3cc3de6c","line":36,"range":{"start_line":36,"start_character":48,"end_line":36,"end_character":62},"updated":"2021-10-12 11:56:57.000000000","message":"|prod|\nPlease check/change throughout.","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":33,"context_line":".. -    As part of your application deployment on each subcloud, use the"},{"line_number":34,"context_line":"        |prod|’s Intermediate CA ISSUER for that subcloud"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"},{"line_number":37,"context_line":"            hierarchy of CAs, anchored by a single RootCA at the"},{"line_number":38,"context_line":"            System Controller."},{"line_number":39,"context_line":""}],"source_content_type":"text/x-rst","patch_set":5,"id":"feb1f2e3_da464dc7","line":36,"range":{"start_line":36,"start_character":48,"end_line":36,"end_character":62},"in_reply_to":"d4457287_3cc3de6c","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":34,"context_line":"        |prod|’s Intermediate CA ISSUER for that subcloud"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"},{"line_number":37,"context_line":"            hierarchy of CAs, anchored by a single RootCA at the"},{"line_number":38,"context_line":"            System Controller."},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"            See below:"}],"source_content_type":"text/x-rst","patch_set":5,"id":"b4150fa9_8700449d","line":37,"range":{"start_line":37,"start_character":25,"end_line":37,"end_character":28},"updated":"2021-10-12 11:56:57.000000000","message":"|CAs|","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":34,"context_line":"        |prod|’s Intermediate CA ISSUER for that subcloud"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"},{"line_number":37,"context_line":"            hierarchy of CAs, anchored by a single RootCA at the"},{"line_number":38,"context_line":"            System Controller."},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"            See below:"}],"source_content_type":"text/x-rst","patch_set":5,"id":"5d4f2139_74faedf8","line":37,"range":{"start_line":37,"start_character":25,"end_line":37,"end_character":28},"in_reply_to":"b4150fa9_8700449d","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"}],"doc/source/usertasks/kubernetes/issuers-in-distributes-cloud.rst":[{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":1,"context_line":""},{"line_number":2,"context_line":".. _issuers-in-distributes-cloud:"},{"line_number":3,"context_line":""},{"line_number":4,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":5,"context_line":"Issuers in Distributed Cloud"}],"source_content_type":"text/x-rst","patch_set":1,"id":"070f27f9_36896659","line":2,"range":{"start_line":2,"start_character":15,"end_line":2,"end_character":26},"updated":"2021-09-29 15:07:27.000000000","message":"distributed","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":1,"context_line":""},{"line_number":2,"context_line":".. _issuers-in-distributes-cloud:"},{"line_number":3,"context_line":""},{"line_number":4,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":5,"context_line":"Issuers in Distributed Cloud"}],"source_content_type":"text/x-rst","patch_set":1,"id":"67407e1d_f217c916","line":2,"range":{"start_line":2,"start_character":15,"end_line":2,"end_character":26},"in_reply_to":"070f27f9_36896659","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":8,"context_line":"In a Distributed Cloud environment, end-user’s applications have a number of"},{"line_number":9,"context_line":"options for the cert-manager ISSUERs they use:"},{"line_number":10,"context_line":""},{"line_number":11,"context_line":"-   (recommended) As part of your application deployment on each subcloud,"},{"line_number":12,"context_line":"    create a cert-manager ISSUER for the External CA that you wish to use for"},{"line_number":13,"context_line":"    signing your certificates."},{"line_number":14,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"fac1fded_ceb87be8","line":11,"range":{"start_line":11,"start_character":5,"end_line":11,"end_character":6},"updated":"2021-09-29 15:07:27.000000000","message":"R","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":8,"context_line":"In a Distributed Cloud environment, end-user’s applications have a number of"},{"line_number":9,"context_line":"options for the cert-manager ISSUERs they use:"},{"line_number":10,"context_line":""},{"line_number":11,"context_line":"-   (recommended) As part of your application deployment on each subcloud,"},{"line_number":12,"context_line":"    create a cert-manager ISSUER for the External CA that you wish to use for"},{"line_number":13,"context_line":"    signing your certificates."},{"line_number":14,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"782ac387_36223ba4","line":11,"range":{"start_line":11,"start_character":5,"end_line":11,"end_character":6},"in_reply_to":"fac1fded_ceb87be8","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":12,"context_line":"    create a cert-manager ISSUER for the External CA that you wish to use for"},{"line_number":13,"context_line":"    signing your certificates."},{"line_number":14,"context_line":""},{"line_number":15,"context_line":"    -   the External CA -type ISSUER is configured exactly the same way for"},{"line_number":16,"context_line":"        each of your application deployments on each subcloud, and"},{"line_number":17,"context_line":""},{"line_number":18,"context_line":"    -   your external clients need only trust a single External CA’s public"}],"source_content_type":"text/x-rst","patch_set":1,"id":"daac8a91_c8de2f72","line":15,"range":{"start_line":15,"start_character":8,"end_line":15,"end_character":9},"updated":"2021-09-29 15:07:27.000000000","message":"T","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":12,"context_line":"    create a cert-manager ISSUER for the External CA that you wish to use for"},{"line_number":13,"context_line":"    signing your certificates."},{"line_number":14,"context_line":""},{"line_number":15,"context_line":"    -   the External CA -type ISSUER is configured exactly the same way for"},{"line_number":16,"context_line":"        each of your application deployments on each subcloud, and"},{"line_number":17,"context_line":""},{"line_number":18,"context_line":"    -   your external clients need only trust a single External CA’s public"}],"source_content_type":"text/x-rst","patch_set":1,"id":"c61b5633_b07270d6","line":15,"range":{"start_line":15,"start_character":8,"end_line":15,"end_character":9},"in_reply_to":"daac8a91_c8de2f72","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":15,"context_line":"    -   the External CA -type ISSUER is configured exactly the same way for"},{"line_number":16,"context_line":"        each of your application deployments on each subcloud, and"},{"line_number":17,"context_line":""},{"line_number":18,"context_line":"    -   your external clients need only trust a single External CA’s public"},{"line_number":19,"context_line":"        certificate."},{"line_number":20,"context_line":""},{"line_number":21,"context_line":"-   As part of your application deployment on each subcloud, create a local"}],"source_content_type":"text/x-rst","patch_set":1,"id":"ddbec546_6d590898","line":18,"range":{"start_line":18,"start_character":8,"end_line":18,"end_character":9},"updated":"2021-09-29 15:07:27.000000000","message":"Y","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":15,"context_line":"    -   the External CA -type ISSUER is configured exactly the same way for"},{"line_number":16,"context_line":"        each of your application deployments on each subcloud, and"},{"line_number":17,"context_line":""},{"line_number":18,"context_line":"    -   your external clients need only trust a single External CA’s public"},{"line_number":19,"context_line":"        certificate."},{"line_number":20,"context_line":""},{"line_number":21,"context_line":"-   As part of your application deployment on each subcloud, create a local"}],"source_content_type":"text/x-rst","patch_set":1,"id":"2d3fd14b_3caba739","line":18,"range":{"start_line":18,"start_character":8,"end_line":18,"end_character":9},"in_reply_to":"ddbec546_6d590898","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":19,"context_line":"        certificate."},{"line_number":20,"context_line":""},{"line_number":21,"context_line":"-   As part of your application deployment on each subcloud, create a local"},{"line_number":22,"context_line":"    internal RootCA ‘ca’ ISSUER for signing your certificates."},{"line_number":23,"context_line":""},{"line_number":24,"context_line":"    -   the local internal RootCA ‘ca’ ISSUER should ideally be slightly"},{"line_number":25,"context_line":"        different (e.g. a unique subject) on each deployment, and"}],"source_content_type":"text/x-rst","patch_set":1,"id":"c6e97224_fcc95865","line":22,"range":{"start_line":22,"start_character":20,"end_line":22,"end_character":24},"updated":"2021-09-29 15:07:27.000000000","message":"wrap in double-back-ticks ``ca`` here and next line","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":19,"context_line":"        certificate."},{"line_number":20,"context_line":""},{"line_number":21,"context_line":"-   As part of your application deployment on each subcloud, create a local"},{"line_number":22,"context_line":"    internal RootCA ‘ca’ ISSUER for signing your certificates."},{"line_number":23,"context_line":""},{"line_number":24,"context_line":"    -   the local internal RootCA ‘ca’ ISSUER should ideally be slightly"},{"line_number":25,"context_line":"        different (e.g. a unique subject) on each deployment, and"}],"source_content_type":"text/x-rst","patch_set":1,"id":"230c8c04_bf02266a","line":22,"range":{"start_line":22,"start_character":20,"end_line":22,"end_character":24},"in_reply_to":"c6e97224_fcc95865","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":21,"context_line":"-   As part of your application deployment on each subcloud, create a local"},{"line_number":22,"context_line":"    internal RootCA ‘ca’ ISSUER for signing your certificates."},{"line_number":23,"context_line":""},{"line_number":24,"context_line":"    -   the local internal RootCA ‘ca’ ISSUER should ideally be slightly"},{"line_number":25,"context_line":"        different (e.g. a unique subject) on each deployment, and"},{"line_number":26,"context_line":""},{"line_number":27,"context_line":"    -   your external clients need to trust each application deployment’s (on"}],"source_content_type":"text/x-rst","patch_set":1,"id":"c3487abb_6c966497","line":24,"range":{"start_line":24,"start_character":8,"end_line":24,"end_character":9},"updated":"2021-09-29 15:07:27.000000000","message":"T","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":21,"context_line":"-   As part of your application deployment on each subcloud, create a local"},{"line_number":22,"context_line":"    internal RootCA ‘ca’ ISSUER for signing your certificates."},{"line_number":23,"context_line":""},{"line_number":24,"context_line":"    -   the local internal RootCA ‘ca’ ISSUER should ideally be slightly"},{"line_number":25,"context_line":"        different (e.g. a unique subject) on each deployment, and"},{"line_number":26,"context_line":""},{"line_number":27,"context_line":"    -   your external clients need to trust each application deployment’s (on"}],"source_content_type":"text/x-rst","patch_set":1,"id":"974107bd_b6d0bbac","line":24,"range":{"start_line":24,"start_character":8,"end_line":24,"end_character":9},"in_reply_to":"c3487abb_6c966497","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":24,"context_line":"    -   the local internal RootCA ‘ca’ ISSUER should ideally be slightly"},{"line_number":25,"context_line":"        different (e.g. a unique subject) on each deployment, and"},{"line_number":26,"context_line":""},{"line_number":27,"context_line":"    -   your external clients need to trust each application deployment’s (on"},{"line_number":28,"context_line":"        each subcloud) local internal RootCA public certificate."},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"    -   this option is not ideal since this could mean 100s of RootCA"}],"source_content_type":"text/x-rst","patch_set":1,"id":"df3ec137_a9c0f436","line":27,"range":{"start_line":27,"start_character":8,"end_line":27,"end_character":9},"updated":"2021-09-29 15:07:27.000000000","message":"Y","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":24,"context_line":"    -   the local internal RootCA ‘ca’ ISSUER should ideally be slightly"},{"line_number":25,"context_line":"        different (e.g. a unique subject) on each deployment, and"},{"line_number":26,"context_line":""},{"line_number":27,"context_line":"    -   your external clients need to trust each application deployment’s (on"},{"line_number":28,"context_line":"        each subcloud) local internal RootCA public certificate."},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"    -   this option is not ideal since this could mean 100s of RootCA"}],"source_content_type":"text/x-rst","patch_set":1,"id":"26e43157_1dba386f","line":27,"range":{"start_line":27,"start_character":8,"end_line":27,"end_character":9},"in_reply_to":"df3ec137_a9c0f436","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":27,"context_line":"    -   your external clients need to trust each application deployment’s (on"},{"line_number":28,"context_line":"        each subcloud) local internal RootCA public certificate."},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"    -   this option is not ideal since this could mean 100s of RootCA"},{"line_number":31,"context_line":"        Certificates."},{"line_number":32,"context_line":""},{"line_number":33,"context_line":".. -    As part of your application deployment on each subcloud, use the"}],"source_content_type":"text/x-rst","patch_set":1,"id":"c0439188_8be01595","line":30,"range":{"start_line":30,"start_character":8,"end_line":30,"end_character":9},"updated":"2021-09-29 15:07:27.000000000","message":"T","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":27,"context_line":"    -   your external clients need to trust each application deployment’s (on"},{"line_number":28,"context_line":"        each subcloud) local internal RootCA public certificate."},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"    -   this option is not ideal since this could mean 100s of RootCA"},{"line_number":31,"context_line":"        Certificates."},{"line_number":32,"context_line":""},{"line_number":33,"context_line":".. -    As part of your application deployment on each subcloud, use the"}],"source_content_type":"text/x-rst","patch_set":1,"id":"e02673dc_c2b37966","line":30,"range":{"start_line":30,"start_character":8,"end_line":30,"end_character":9},"in_reply_to":"c0439188_8be01595","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":31,"context_line":"        Certificates."},{"line_number":32,"context_line":""},{"line_number":33,"context_line":".. -    As part of your application deployment on each subcloud, use the"},{"line_number":34,"context_line":"        Cloud Platform’s IntermediateCA ISSUER for that subcloud"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"},{"line_number":37,"context_line":"            hierarchy of CAs, anchored by a single RootCA at the"}],"source_content_type":"text/x-rst","patch_set":1,"id":"9d62f9bb_618b1855","line":34,"range":{"start_line":34,"start_character":25,"end_line":34,"end_character":40},"updated":"2021-09-29 15:07:27.000000000","message":"Not sure if this is one word or 2 words?","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":31,"context_line":"        Certificates."},{"line_number":32,"context_line":""},{"line_number":33,"context_line":".. -    As part of your application deployment on each subcloud, use the"},{"line_number":34,"context_line":"        Cloud Platform’s IntermediateCA ISSUER for that subcloud"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"},{"line_number":37,"context_line":"            hierarchy of CAs, anchored by a single RootCA at the"}],"source_content_type":"text/x-rst","patch_set":1,"id":"40e72546_7cf1a945","line":34,"range":{"start_line":34,"start_character":7,"end_line":34,"end_character":22},"updated":"2021-09-29 15:07:27.000000000","message":"Use the correct variable","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":31,"context_line":"        Certificates."},{"line_number":32,"context_line":""},{"line_number":33,"context_line":".. -    As part of your application deployment on each subcloud, use the"},{"line_number":34,"context_line":"        Cloud Platform’s IntermediateCA ISSUER for that subcloud"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"},{"line_number":37,"context_line":"            hierarchy of CAs, anchored by a single RootCA at the"}],"source_content_type":"text/x-rst","patch_set":1,"id":"52706d9f_76400fca","line":34,"range":{"start_line":34,"start_character":7,"end_line":34,"end_character":22},"in_reply_to":"40e72546_7cf1a945","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":31,"context_line":"        Certificates."},{"line_number":32,"context_line":""},{"line_number":33,"context_line":".. -    As part of your application deployment on each subcloud, use the"},{"line_number":34,"context_line":"        Cloud Platform’s IntermediateCA ISSUER for that subcloud"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"},{"line_number":37,"context_line":"            hierarchy of CAs, anchored by a single RootCA at the"}],"source_content_type":"text/x-rst","patch_set":1,"id":"8fc28c67_5129171a","line":34,"range":{"start_line":34,"start_character":25,"end_line":34,"end_character":40},"in_reply_to":"9d62f9bb_618b1855","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":33,"context_line":".. -    As part of your application deployment on each subcloud, use the"},{"line_number":34,"context_line":"        Cloud Platform’s IntermediateCA ISSUER for that subcloud"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"},{"line_number":37,"context_line":"            hierarchy of CAs, anchored by a single RootCA at the"},{"line_number":38,"context_line":"            SystemController."},{"line_number":39,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"f2963096_307bb644","line":36,"range":{"start_line":36,"start_character":48,"end_line":36,"end_character":62},"updated":"2021-09-29 15:07:27.000000000","message":"variable","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":33,"context_line":".. -    As part of your application deployment on each subcloud, use the"},{"line_number":34,"context_line":"        Cloud Platform’s IntermediateCA ISSUER for that subcloud"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"},{"line_number":37,"context_line":"            hierarchy of CAs, anchored by a single RootCA at the"},{"line_number":38,"context_line":"            SystemController."},{"line_number":39,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"5e174971_b4cee695","line":36,"range":{"start_line":36,"start_character":48,"end_line":36,"end_character":62},"in_reply_to":"f2963096_307bb644","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"},{"line_number":37,"context_line":"            hierarchy of CAs, anchored by a single RootCA at the"},{"line_number":38,"context_line":"            SystemController."},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"            See below:"},{"line_number":41,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"2241f7ad_1b985644","line":38,"range":{"start_line":38,"start_character":12,"end_line":38,"end_character":28},"updated":"2021-09-29 15:07:27.000000000","message":"System Controller","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":35,"context_line":""},{"line_number":36,"context_line":"        -   In a Distributed Cloud environment, Cloud Platform manages a"},{"line_number":37,"context_line":"            hierarchy of CAs, anchored by a single RootCA at the"},{"line_number":38,"context_line":"            SystemController."},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"            See below:"},{"line_number":41,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"6aaf9511_b95c89a2","line":38,"range":{"start_line":38,"start_character":12,"end_line":38,"end_character":28},"in_reply_to":"2241f7ad_1b985644","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":42,"context_line":"            .. figure:: /usertasks/figures/figure_3_issuers_dist_cloud.png"},{"line_number":43,"context_line":"                :scale: 100%"},{"line_number":44,"context_line":""},{"line_number":45,"context_line":"            The RootCA Certificate and IntermediateCA Certificates are"},{"line_number":46,"context_line":"            created/renewed automatically by Cloud Platform."},{"line_number":47,"context_line":""},{"line_number":48,"context_line":"        -   Your end-user’s application deployment on a subcloud can simply"}],"source_content_type":"text/x-rst","patch_set":1,"id":"97f312b8_ad45aae8","line":45,"range":{"start_line":45,"start_character":39,"end_line":45,"end_character":54},"updated":"2021-09-29 15:07:27.000000000","message":"1 word or 2 words?","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":42,"context_line":"            .. figure:: /usertasks/figures/figure_3_issuers_dist_cloud.png"},{"line_number":43,"context_line":"                :scale: 100%"},{"line_number":44,"context_line":""},{"line_number":45,"context_line":"            The RootCA Certificate and IntermediateCA Certificates are"},{"line_number":46,"context_line":"            created/renewed automatically by Cloud Platform."},{"line_number":47,"context_line":""},{"line_number":48,"context_line":"        -   Your end-user’s application deployment on a subcloud can simply"}],"source_content_type":"text/x-rst","patch_set":1,"id":"37c83593_4c80470e","line":45,"range":{"start_line":45,"start_character":39,"end_line":45,"end_character":54},"in_reply_to":"97f312b8_ad45aae8","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":43,"context_line":"                :scale: 100%"},{"line_number":44,"context_line":""},{"line_number":45,"context_line":"            The RootCA Certificate and IntermediateCA Certificates are"},{"line_number":46,"context_line":"            created/renewed automatically by Cloud Platform."},{"line_number":47,"context_line":""},{"line_number":48,"context_line":"        -   Your end-user’s application deployment on a subcloud can simply"},{"line_number":49,"context_line":"            create/sign CERTIFICATEs using the Cloud Platform’s"}],"source_content_type":"text/x-rst","patch_set":1,"id":"2d36e891_00ee5ba8","line":46,"range":{"start_line":46,"start_character":45,"end_line":46,"end_character":59},"updated":"2021-09-29 15:07:27.000000000","message":"variable","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":43,"context_line":"                :scale: 100%"},{"line_number":44,"context_line":""},{"line_number":45,"context_line":"            The RootCA Certificate and IntermediateCA Certificates are"},{"line_number":46,"context_line":"            created/renewed automatically by Cloud Platform."},{"line_number":47,"context_line":""},{"line_number":48,"context_line":"        -   Your end-user’s application deployment on a subcloud can simply"},{"line_number":49,"context_line":"            create/sign CERTIFICATEs using the Cloud Platform’s"}],"source_content_type":"text/x-rst","patch_set":1,"id":"e495dc7e_54bf09c5","line":46,"range":{"start_line":46,"start_character":45,"end_line":46,"end_character":59},"in_reply_to":"2d36e891_00ee5ba8","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":46,"context_line":"            created/renewed automatically by Cloud Platform."},{"line_number":47,"context_line":""},{"line_number":48,"context_line":"        -   Your end-user’s application deployment on a subcloud can simply"},{"line_number":49,"context_line":"            create/sign CERTIFICATEs using the Cloud Platform’s"},{"line_number":50,"context_line":"            DC-AdminEp-Intermediate-CA on the subcloud"},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"        -   Your external clients need only trust the single Cloud Platform"}],"source_content_type":"text/x-rst","patch_set":1,"id":"22fe6318_a659e946","line":49,"range":{"start_line":49,"start_character":47,"end_line":49,"end_character":63},"updated":"2021-09-29 15:07:27.000000000","message":"variable","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":46,"context_line":"            created/renewed automatically by Cloud Platform."},{"line_number":47,"context_line":""},{"line_number":48,"context_line":"        -   Your end-user’s application deployment on a subcloud can simply"},{"line_number":49,"context_line":"            create/sign CERTIFICATEs using the Cloud Platform’s"},{"line_number":50,"context_line":"            DC-AdminEp-Intermediate-CA on the subcloud"},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"        -   Your external clients need only trust the single Cloud Platform"}],"source_content_type":"text/x-rst","patch_set":1,"id":"e4fc06b7_563e4fed","line":49,"range":{"start_line":49,"start_character":47,"end_line":49,"end_character":63},"in_reply_to":"22fe6318_a659e946","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":47,"context_line":""},{"line_number":48,"context_line":"        -   Your end-user’s application deployment on a subcloud can simply"},{"line_number":49,"context_line":"            create/sign CERTIFICATEs using the Cloud Platform’s"},{"line_number":50,"context_line":"            DC-AdminEp-Intermediate-CA on the subcloud"},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"        -   Your external clients need only trust the single Cloud Platform"},{"line_number":53,"context_line":"            DC-AdminEp-Root-CA’s public certificate on the systemController."}],"source_content_type":"text/x-rst","patch_set":1,"id":"e8145545_bc527817","line":50,"range":{"start_line":50,"start_character":46,"end_line":50,"end_character":54},"updated":"2021-09-29 15:07:27.000000000","message":"add . end of sentence","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":47,"context_line":""},{"line_number":48,"context_line":"        -   Your end-user’s application deployment on a subcloud can simply"},{"line_number":49,"context_line":"            create/sign CERTIFICATEs using the Cloud Platform’s"},{"line_number":50,"context_line":"            DC-AdminEp-Intermediate-CA on the subcloud"},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"        -   Your external clients need only trust the single Cloud Platform"},{"line_number":53,"context_line":"            DC-AdminEp-Root-CA’s public certificate on the systemController."}],"source_content_type":"text/x-rst","patch_set":1,"id":"0517cbaf_a7c658b7","line":50,"range":{"start_line":50,"start_character":46,"end_line":50,"end_character":54},"in_reply_to":"e8145545_bc527817","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":49,"context_line":"            create/sign CERTIFICATEs using the Cloud Platform’s"},{"line_number":50,"context_line":"            DC-AdminEp-Intermediate-CA on the subcloud"},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"        -   Your external clients need only trust the single Cloud Platform"},{"line_number":53,"context_line":"            DC-AdminEp-Root-CA’s public certificate on the systemController."},{"line_number":54,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"19411160_a1a8c004","line":52,"range":{"start_line":52,"start_character":61,"end_line":52,"end_character":75},"updated":"2021-09-29 15:07:27.000000000","message":"variable","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":49,"context_line":"            create/sign CERTIFICATEs using the Cloud Platform’s"},{"line_number":50,"context_line":"            DC-AdminEp-Intermediate-CA on the subcloud"},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"        -   Your external clients need only trust the single Cloud Platform"},{"line_number":53,"context_line":"            DC-AdminEp-Root-CA’s public certificate on the systemController."},{"line_number":54,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"de3f5b98_e3ef820e","line":52,"range":{"start_line":52,"start_character":61,"end_line":52,"end_character":75},"in_reply_to":"19411160_a1a8c004","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":50,"context_line":"            DC-AdminEp-Intermediate-CA on the subcloud"},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"        -   Your external clients need only trust the single Cloud Platform"},{"line_number":53,"context_line":"            DC-AdminEp-Root-CA’s public certificate on the systemController."},{"line_number":54,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"82dba135_84bb4949","line":53,"range":{"start_line":53,"start_character":59,"end_line":53,"end_character":75},"updated":"2021-09-29 15:07:27.000000000","message":"System Controller","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":50,"context_line":"            DC-AdminEp-Intermediate-CA on the subcloud"},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"        -   Your external clients need only trust the single Cloud Platform"},{"line_number":53,"context_line":"            DC-AdminEp-Root-CA’s public certificate on the systemController."},{"line_number":54,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"51f11ebc_9f371a88","line":53,"range":{"start_line":53,"start_character":59,"end_line":53,"end_character":75},"in_reply_to":"82dba135_84bb4949","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"}],"doc/source/usertasks/kubernetes/kubernetes-user-tutorials-cert-manager.rst":[{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":17,"context_line":""},{"line_number":18,"context_line":"    In this mode, a cert-manager ISSUER is configured to interact with an"},{"line_number":19,"context_line":"    External CA of a particular type.  External CA types supported by"},{"line_number":20,"context_line":"    cert-manager are ACME, Vault or Venafi (note that Cloud Platform has only"},{"line_number":21,"context_line":"    tested and validated cert-manager with ACME CAs)."},{"line_number":22,"context_line":""},{"line_number":23,"context_line":"    When a cert-manager CERTIFICATE is created using this External CA ISSUER,"}],"source_content_type":"text/x-rst","patch_set":1,"id":"905f4ce9_ad70ce45","line":20,"range":{"start_line":20,"start_character":54,"end_line":20,"end_character":68},"updated":"2021-09-29 15:07:27.000000000","message":"Replace with |prod|","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":17,"context_line":""},{"line_number":18,"context_line":"    In this mode, a cert-manager ISSUER is configured to interact with an"},{"line_number":19,"context_line":"    External CA of a particular type.  External CA types supported by"},{"line_number":20,"context_line":"    cert-manager are ACME, Vault or Venafi (note that Cloud Platform has only"},{"line_number":21,"context_line":"    tested and validated cert-manager with ACME CAs)."},{"line_number":22,"context_line":""},{"line_number":23,"context_line":"    When a cert-manager CERTIFICATE is created using this External CA ISSUER,"}],"source_content_type":"text/x-rst","patch_set":1,"id":"aa8414bc_52ce8d11","line":20,"range":{"start_line":20,"start_character":54,"end_line":20,"end_character":68},"in_reply_to":"905f4ce9_ad70ce45","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":45,"context_line":""},{"line_number":46,"context_line":"-   Providing an Internal Certificate Authority"},{"line_number":47,"context_line":""},{"line_number":48,"context_line":"    In this mode, a cert-manager ‘selfsigned’ type ISSUER and ‘ca’ type ISSUER"},{"line_number":49,"context_line":"    provides a non-challenging Root CA for signing certificates local to the"},{"line_number":50,"context_line":"    Kubernetes cluster."},{"line_number":51,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"97e1cd81_206b391d","line":48,"range":{"start_line":48,"start_character":33,"end_line":48,"end_character":45},"updated":"2021-09-29 15:07:27.000000000","message":"Please change to double-back-ticks here and throughout this file. \n``selfsigned`` and ``ca`` on this line","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":45,"context_line":""},{"line_number":46,"context_line":"-   Providing an Internal Certificate Authority"},{"line_number":47,"context_line":""},{"line_number":48,"context_line":"    In this mode, a cert-manager ‘selfsigned’ type ISSUER and ‘ca’ type ISSUER"},{"line_number":49,"context_line":"    provides a non-challenging Root CA for signing certificates local to the"},{"line_number":50,"context_line":"    Kubernetes cluster."},{"line_number":51,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"e18f4f97_a1ecb2bb","line":48,"range":{"start_line":48,"start_character":33,"end_line":48,"end_character":45},"in_reply_to":"97e1cd81_206b391d","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":87,"context_line":"        for signing the server certificates based on the intermediateCA"},{"line_number":88,"context_line":"        certificate (from the external ACME CA)."},{"line_number":89,"context_line":""},{"line_number":90,"context_line":"How CERTIFICATEs (and their tls type SECRETs) are created and integrated into"},{"line_number":91,"context_line":"an end-user’s application depends on how the end-user has chosen to expose its"},{"line_number":92,"context_line":"service externally.  There are typically two options:"},{"line_number":93,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"1be1a8f1_6dba73e9","line":90,"range":{"start_line":90,"start_character":28,"end_line":90,"end_character":32},"updated":"2021-09-29 15:07:27.000000000","message":"|TLS|","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":87,"context_line":"        for signing the server certificates based on the intermediateCA"},{"line_number":88,"context_line":"        certificate (from the external ACME CA)."},{"line_number":89,"context_line":""},{"line_number":90,"context_line":"How CERTIFICATEs (and their tls type SECRETs) are created and integrated into"},{"line_number":91,"context_line":"an end-user’s application depends on how the end-user has chosen to expose its"},{"line_number":92,"context_line":"service externally.  There are typically two options:"},{"line_number":93,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"2f2e86b1_a32d770d","line":90,"range":{"start_line":90,"start_character":28,"end_line":90,"end_character":32},"in_reply_to":"1be1a8f1_6dba73e9","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":91,"context_line":"an end-user’s application depends on how the end-user has chosen to expose its"},{"line_number":92,"context_line":"service externally.  There are typically two options:"},{"line_number":93,"context_line":""},{"line_number":94,"context_line":"-   the end-user’s application exposes its service with a NodePort and"},{"line_number":95,"context_line":"    originates/terminates HTTPS itself"},{"line_number":96,"context_line":""},{"line_number":97,"context_line":"    In this scenario the end-user’s application is originating/terminating"}],"source_content_type":"text/x-rst","patch_set":1,"id":"56a37aa5_6283345f","line":94,"range":{"start_line":94,"start_character":4,"end_line":94,"end_character":8},"updated":"2021-09-29 15:07:27.000000000","message":"The","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":91,"context_line":"an end-user’s application depends on how the end-user has chosen to expose its"},{"line_number":92,"context_line":"service externally.  There are typically two options:"},{"line_number":93,"context_line":""},{"line_number":94,"context_line":"-   the end-user’s application exposes its service with a NodePort and"},{"line_number":95,"context_line":"    originates/terminates HTTPS itself"},{"line_number":96,"context_line":""},{"line_number":97,"context_line":"    In this scenario the end-user’s application is originating/terminating"}],"source_content_type":"text/x-rst","patch_set":1,"id":"50adebaa_57954369","line":94,"range":{"start_line":94,"start_character":4,"end_line":94,"end_character":8},"in_reply_to":"56a37aa5_6283345f","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":94,"context_line":"-   the end-user’s application exposes its service with a NodePort and"},{"line_number":95,"context_line":"    originates/terminates HTTPS itself"},{"line_number":96,"context_line":""},{"line_number":97,"context_line":"    In this scenario the end-user’s application is originating/terminating"},{"line_number":98,"context_line":"    HTTPS on its own, so it needs access to the Kubernetes SECRET holding the"},{"line_number":99,"context_line":"    TLS certificate, in order to establish the HTTPS connection."},{"line_number":100,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"6cfeff8d_06e18a92","line":97,"range":{"start_line":97,"start_character":12,"end_line":97,"end_character":21},"updated":"2021-09-29 15:07:27.000000000","message":"scenario,","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":94,"context_line":"-   the end-user’s application exposes its service with a NodePort and"},{"line_number":95,"context_line":"    originates/terminates HTTPS itself"},{"line_number":96,"context_line":""},{"line_number":97,"context_line":"    In this scenario the end-user’s application is originating/terminating"},{"line_number":98,"context_line":"    HTTPS on its own, so it needs access to the Kubernetes SECRET holding the"},{"line_number":99,"context_line":"    TLS certificate, in order to establish the HTTPS connection."},{"line_number":100,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"686ab9da_1e9b7dff","line":97,"range":{"start_line":97,"start_character":12,"end_line":97,"end_character":21},"in_reply_to":"6cfeff8d_06e18a92","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":100,"context_line":""},{"line_number":101,"context_line":"    In this scenario, the end-user’s application’s helm chart or yaml file must"},{"line_number":102,"context_line":""},{"line_number":103,"context_line":"    -   create the CERTIFICATE    (referencing the desired ISSUER to use, and"},{"line_number":104,"context_line":"        indicating the SECRET to store the certificate in),"},{"line_number":105,"context_line":""},{"line_number":106,"context_line":"    -   include the SECRET as a mounted volume in the pod spec"}],"source_content_type":"text/x-rst","patch_set":1,"id":"e5db81f1_ee98a44d","line":103,"range":{"start_line":103,"start_character":30,"end_line":103,"end_character":34},"updated":"2021-09-29 15:07:27.000000000","message":"lots of extra space here?","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":100,"context_line":""},{"line_number":101,"context_line":"    In this scenario, the end-user’s application’s helm chart or yaml file must"},{"line_number":102,"context_line":""},{"line_number":103,"context_line":"    -   create the CERTIFICATE    (referencing the desired ISSUER to use, and"},{"line_number":104,"context_line":"        indicating the SECRET to store the certificate in),"},{"line_number":105,"context_line":""},{"line_number":106,"context_line":"    -   include the SECRET as a mounted volume in the pod spec"}],"source_content_type":"text/x-rst","patch_set":1,"id":"d32441b1_9b9a777d","line":103,"range":{"start_line":103,"start_character":30,"end_line":103,"end_character":34},"in_reply_to":"e5db81f1_ee98a44d","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":105,"context_line":""},{"line_number":106,"context_line":"    -   include the SECRET as a mounted volume in the pod spec"},{"line_number":107,"context_line":""},{"line_number":108,"context_line":"        -   such that the application’s container can access the tls"},{"line_number":109,"context_line":"            certificate as a pem file for use in establishing the HTTPS"},{"line_number":110,"context_line":"            connection."},{"line_number":111,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"e5179a8c_bf097662","line":108,"range":{"start_line":108,"start_character":65,"end_line":108,"end_character":68},"updated":"2021-09-29 15:07:27.000000000","message":"|TLS|","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":105,"context_line":""},{"line_number":106,"context_line":"    -   include the SECRET as a mounted volume in the pod spec"},{"line_number":107,"context_line":""},{"line_number":108,"context_line":"        -   such that the application’s container can access the tls"},{"line_number":109,"context_line":"            certificate as a pem file for use in establishing the HTTPS"},{"line_number":110,"context_line":"            connection."},{"line_number":111,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"c3b43b42_6bdc4377","line":108,"range":{"start_line":108,"start_character":65,"end_line":108,"end_character":68},"in_reply_to":"e5179a8c_bf097662","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":106,"context_line":"    -   include the SECRET as a mounted volume in the pod spec"},{"line_number":107,"context_line":""},{"line_number":108,"context_line":"        -   such that the application’s container can access the tls"},{"line_number":109,"context_line":"            certificate as a pem file for use in establishing the HTTPS"},{"line_number":110,"context_line":"            connection."},{"line_number":111,"context_line":""},{"line_number":112,"context_line":"    Note that in this scenario, the application’s container must detect when"}],"source_content_type":"text/x-rst","patch_set":1,"id":"9f0697b0_c27f264f","line":109,"range":{"start_line":109,"start_character":29,"end_line":109,"end_character":33},"updated":"2021-09-29 15:07:27.000000000","message":"|PEM|","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":106,"context_line":"    -   include the SECRET as a mounted volume in the pod spec"},{"line_number":107,"context_line":""},{"line_number":108,"context_line":"        -   such that the application’s container can access the tls"},{"line_number":109,"context_line":"            certificate as a pem file for use in establishing the HTTPS"},{"line_number":110,"context_line":"            connection."},{"line_number":111,"context_line":""},{"line_number":112,"context_line":"    Note that in this scenario, the application’s container must detect when"}],"source_content_type":"text/x-rst","patch_set":1,"id":"60bc48ce_b0236f27","line":109,"range":{"start_line":109,"start_character":29,"end_line":109,"end_character":33},"in_reply_to":"9f0697b0_c27f264f","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":114,"context_line":"    CERTIFICATE (and the associated SECRET), and update its HTTPS connection to"},{"line_number":115,"context_line":"    use the updated certificate."},{"line_number":116,"context_line":""},{"line_number":117,"context_line":"-   the end-user’s application uses ingress controller to expose its service"},{"line_number":118,"context_line":""},{"line_number":119,"context_line":"    In this scenario, the end-user’s application uses Cloud Platform’s"},{"line_number":120,"context_line":"    integrated nginx ingress-controller to both originate/terminate the HTTPS"}],"source_content_type":"text/x-rst","patch_set":1,"id":"5391941b_62f8db8a","line":117,"range":{"start_line":117,"start_character":4,"end_line":117,"end_character":5},"updated":"2021-09-29 15:07:27.000000000","message":"T","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":114,"context_line":"    CERTIFICATE (and the associated SECRET), and update its HTTPS connection to"},{"line_number":115,"context_line":"    use the updated certificate."},{"line_number":116,"context_line":""},{"line_number":117,"context_line":"-   the end-user’s application uses ingress controller to expose its service"},{"line_number":118,"context_line":""},{"line_number":119,"context_line":"    In this scenario, the end-user’s application uses Cloud Platform’s"},{"line_number":120,"context_line":"    integrated nginx ingress-controller to both originate/terminate the HTTPS"}],"source_content_type":"text/x-rst","patch_set":1,"id":"bf612bc6_3cbf681e","line":117,"range":{"start_line":117,"start_character":4,"end_line":117,"end_character":5},"in_reply_to":"5391941b_62f8db8a","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":116,"context_line":""},{"line_number":117,"context_line":"-   the end-user’s application uses ingress controller to expose its service"},{"line_number":118,"context_line":""},{"line_number":119,"context_line":"    In this scenario, the end-user’s application uses Cloud Platform’s"},{"line_number":120,"context_line":"    integrated nginx ingress-controller to both originate/terminate the HTTPS"},{"line_number":121,"context_line":"    connection as well as deal with cert-manager for requesting the required"},{"line_number":122,"context_line":"    CERTIFICATE."}],"source_content_type":"text/x-rst","patch_set":1,"id":"9679f2a4_ca5387fd","line":119,"range":{"start_line":119,"start_character":54,"end_line":119,"end_character":70},"updated":"2021-09-29 15:07:27.000000000","message":"the |prod|","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":116,"context_line":""},{"line_number":117,"context_line":"-   the end-user’s application uses ingress controller to expose its service"},{"line_number":118,"context_line":""},{"line_number":119,"context_line":"    In this scenario, the end-user’s application uses Cloud Platform’s"},{"line_number":120,"context_line":"    integrated nginx ingress-controller to both originate/terminate the HTTPS"},{"line_number":121,"context_line":"    connection as well as deal with cert-manager for requesting the required"},{"line_number":122,"context_line":"    CERTIFICATE."}],"source_content_type":"text/x-rst","patch_set":1,"id":"5a89fb15_55fcb68c","line":119,"range":{"start_line":119,"start_character":54,"end_line":119,"end_character":70},"in_reply_to":"9679f2a4_ca5387fd","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":26026,"name":"Greg Waines","email":"greg.waines@windriver.com","username":"gwaines"},"change_message_id":"d982b5e62933c40e23102f0e163da6a860da7c1c","unresolved":true,"context_lines":[{"line_number":9,"context_line":"|prod| integrates the open source project cert-manager"},{"line_number":10,"context_line":"(http://cert-manager.io), in order to provide certificate management support"},{"line_number":11,"context_line":"for end-users’ containerized applications."},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"Cert-manager is a native Kubernetes certificate management controller, that"},{"line_number":14,"context_line":"supports the following general modes of operation:"},{"line_number":15,"context_line":""}],"source_content_type":"text/x-rst","patch_set":3,"id":"0c212867_8d5e79dc","line":12,"updated":"2021-10-04 15:49:31.000000000","message":"Can we put a subheading here of\n    \"Cert Manager Modes\"","commit_id":"d0c1ac0f2dabaa618c79b4e9ddb2dc766320787b"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"dae72b39f02d23441c81f2b0108aeb6bf87d845b","unresolved":false,"context_lines":[{"line_number":9,"context_line":"|prod| integrates the open source project cert-manager"},{"line_number":10,"context_line":"(http://cert-manager.io), in order to provide certificate management support"},{"line_number":11,"context_line":"for end-users’ containerized applications."},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"Cert-manager is a native Kubernetes certificate management controller, that"},{"line_number":14,"context_line":"supports the following general modes of operation:"},{"line_number":15,"context_line":""}],"source_content_type":"text/x-rst","patch_set":3,"id":"9a4c7af1_713e21d5","line":12,"in_reply_to":"0c212867_8d5e79dc","updated":"2021-10-04 20:02:23.000000000","message":"Done","commit_id":"d0c1ac0f2dabaa618c79b4e9ddb2dc766320787b"},{"author":{"_account_id":26026,"name":"Greg Waines","email":"greg.waines@windriver.com","username":"gwaines"},"change_message_id":"d982b5e62933c40e23102f0e163da6a860da7c1c","unresolved":true,"context_lines":[{"line_number":86,"context_line":"    -   While the IntermediateCA ISSUER in cert-manager could be of type ``ca``"},{"line_number":87,"context_line":"        for signing the server certificates based on the intermediateCA"},{"line_number":88,"context_line":"        certificate (from the external ACME CA)."},{"line_number":89,"context_line":""},{"line_number":90,"context_line":"How CERTIFICATEs (and their |TLS| type SECRETs) are created and integrated into"},{"line_number":91,"context_line":"an end-user’s application depends on how the end-user has chosen to expose its"},{"line_number":92,"context_line":"service externally.  There are typically two options:"}],"source_content_type":"text/x-rst","patch_set":3,"id":"f5f3aa12_cd666a40","line":89,"updated":"2021-10-04 15:49:31.000000000","message":"Can we put a subheader here of \n     \"Using Cert Manager CERTIFICATES in your Application\"","commit_id":"d0c1ac0f2dabaa618c79b4e9ddb2dc766320787b"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"dae72b39f02d23441c81f2b0108aeb6bf87d845b","unresolved":false,"context_lines":[{"line_number":86,"context_line":"    -   While the IntermediateCA ISSUER in cert-manager could be of type ``ca``"},{"line_number":87,"context_line":"        for signing the server certificates based on the intermediateCA"},{"line_number":88,"context_line":"        certificate (from the external ACME CA)."},{"line_number":89,"context_line":""},{"line_number":90,"context_line":"How CERTIFICATEs (and their |TLS| type SECRETs) are created and integrated into"},{"line_number":91,"context_line":"an end-user’s application depends on how the end-user has chosen to expose its"},{"line_number":92,"context_line":"service externally.  There are typically two options:"}],"source_content_type":"text/x-rst","patch_set":3,"id":"67d8e5a3_0229df30","line":89,"in_reply_to":"f5f3aa12_cd666a40","updated":"2021-10-04 20:02:23.000000000","message":"Done","commit_id":"d0c1ac0f2dabaa618c79b4e9ddb2dc766320787b"},{"author":{"_account_id":26026,"name":"Greg Waines","email":"greg.waines@windriver.com","username":"gwaines"},"change_message_id":"d982b5e62933c40e23102f0e163da6a860da7c1c","unresolved":true,"context_lines":[{"line_number":114,"context_line":"    CERTIFICATE (and the associated SECRET), and update its HTTPS connection to"},{"line_number":115,"context_line":"    use the updated certificate."},{"line_number":116,"context_line":""},{"line_number":117,"context_line":"-   The end-user’s application uses ingress controller to expose its service"},{"line_number":118,"context_line":""},{"line_number":119,"context_line":"    In this scenario, the end-user’s application uses |prod|’s"},{"line_number":120,"context_line":"    integrated nginx ingress-controller to both originate/terminate the HTTPS"}],"source_content_type":"text/x-rst","patch_set":3,"id":"ff54d19b_ff82941c","line":117,"range":{"start_line":117,"start_character":69,"end_line":117,"end_character":76},"updated":"2021-10-04 15:49:31.000000000","message":"service (the most common approach)","commit_id":"d0c1ac0f2dabaa618c79b4e9ddb2dc766320787b"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"dae72b39f02d23441c81f2b0108aeb6bf87d845b","unresolved":false,"context_lines":[{"line_number":114,"context_line":"    CERTIFICATE (and the associated SECRET), and update its HTTPS connection to"},{"line_number":115,"context_line":"    use the updated certificate."},{"line_number":116,"context_line":""},{"line_number":117,"context_line":"-   The end-user’s application uses ingress controller to expose its service"},{"line_number":118,"context_line":""},{"line_number":119,"context_line":"    In this scenario, the end-user’s application uses |prod|’s"},{"line_number":120,"context_line":"    integrated nginx ingress-controller to both originate/terminate the HTTPS"}],"source_content_type":"text/x-rst","patch_set":3,"id":"cfa8a8ab_0401b894","line":117,"range":{"start_line":117,"start_character":69,"end_line":117,"end_character":76},"in_reply_to":"ff54d19b_ff82941c","updated":"2021-10-04 20:02:23.000000000","message":"Done","commit_id":"d0c1ac0f2dabaa618c79b4e9ddb2dc766320787b"},{"author":{"_account_id":26026,"name":"Greg Waines","email":"greg.waines@windriver.com","username":"gwaines"},"change_message_id":"d982b5e62933c40e23102f0e163da6a860da7c1c","unresolved":true,"context_lines":[{"line_number":114,"context_line":"    CERTIFICATE (and the associated SECRET), and update its HTTPS connection to"},{"line_number":115,"context_line":"    use the updated certificate."},{"line_number":116,"context_line":""},{"line_number":117,"context_line":"-   The end-user’s application uses ingress controller to expose its service"},{"line_number":118,"context_line":""},{"line_number":119,"context_line":"    In this scenario, the end-user’s application uses |prod|’s"},{"line_number":120,"context_line":"    integrated nginx ingress-controller to both originate/terminate the HTTPS"},{"line_number":121,"context_line":"    connection as well as deal with cert-manager for requesting the required"},{"line_number":122,"context_line":"    CERTIFICATE."},{"line_number":123,"context_line":""},{"line_number":124,"context_line":"    Specifically, in this scenario, the end-user’s application’s helm chart or"},{"line_number":125,"context_line":"    yaml file must"},{"line_number":126,"context_line":""},{"line_number":127,"context_line":"    -   create an INGRESS object that"},{"line_number":128,"context_line":""},{"line_number":129,"context_line":"        -   specifies the details on ingress forwarding based on the URL"},{"line_number":130,"context_line":"            (hostname, port and path), and"},{"line_number":131,"context_line":""},{"line_number":132,"context_line":"        -   specifies ``|TLS|`` mode along with cert-manager -specific"},{"line_number":133,"context_line":"            annotations for details on creating the CERTIFICATE for this"},{"line_number":134,"context_line":"            ingress connection with cert-manager; minimally the cert-manager"},{"line_number":135,"context_line":"            ISSUER to use must be specified."},{"line_number":136,"context_line":""},{"line_number":137,"context_line":"    Nginx Ingress Controller will automatically detect when cert-manager renews"},{"line_number":138,"context_line":"    the server certificate and update its HTTPS connection to use the new"},{"line_number":139,"context_line":"    certificate."},{"line_number":140,"context_line":""},{"line_number":141,"context_line":"    The end-user’s application does not deal with HTTPS or certificates at all."},{"line_number":142,"context_line":""},{"line_number":143,"context_line":"See :ref:`External CA and Ingress Controller Example \u003cletsencrypt-example\u003e`"},{"line_number":144,"context_line":"section for an example of how to configure an application to use Ingress"}],"source_content_type":"text/x-rst","patch_set":3,"id":"411bd2ba_b6307ddb","line":141,"range":{"start_line":117,"start_character":0,"end_line":141,"end_character":79},"updated":"2021-10-04 15:49:31.000000000","message":"Can we switch order of major bullets and move these lines up to line 93","commit_id":"d0c1ac0f2dabaa618c79b4e9ddb2dc766320787b"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"dae72b39f02d23441c81f2b0108aeb6bf87d845b","unresolved":false,"context_lines":[{"line_number":114,"context_line":"    CERTIFICATE (and the associated SECRET), and update its HTTPS connection to"},{"line_number":115,"context_line":"    use the updated certificate."},{"line_number":116,"context_line":""},{"line_number":117,"context_line":"-   The end-user’s application uses ingress controller to expose its service"},{"line_number":118,"context_line":""},{"line_number":119,"context_line":"    In this scenario, the end-user’s application uses |prod|’s"},{"line_number":120,"context_line":"    integrated nginx ingress-controller to both originate/terminate the HTTPS"},{"line_number":121,"context_line":"    connection as well as deal with cert-manager for requesting the required"},{"line_number":122,"context_line":"    CERTIFICATE."},{"line_number":123,"context_line":""},{"line_number":124,"context_line":"    Specifically, in this scenario, the end-user’s application’s helm chart or"},{"line_number":125,"context_line":"    yaml file must"},{"line_number":126,"context_line":""},{"line_number":127,"context_line":"    -   create an INGRESS object that"},{"line_number":128,"context_line":""},{"line_number":129,"context_line":"        -   specifies the details on ingress forwarding based on the URL"},{"line_number":130,"context_line":"            (hostname, port and path), and"},{"line_number":131,"context_line":""},{"line_number":132,"context_line":"        -   specifies ``|TLS|`` mode along with cert-manager -specific"},{"line_number":133,"context_line":"            annotations for details on creating the CERTIFICATE for this"},{"line_number":134,"context_line":"            ingress connection with cert-manager; minimally the cert-manager"},{"line_number":135,"context_line":"            ISSUER to use must be specified."},{"line_number":136,"context_line":""},{"line_number":137,"context_line":"    Nginx Ingress Controller will automatically detect when cert-manager renews"},{"line_number":138,"context_line":"    the server certificate and update its HTTPS connection to use the new"},{"line_number":139,"context_line":"    certificate."},{"line_number":140,"context_line":""},{"line_number":141,"context_line":"    The end-user’s application does not deal with HTTPS or certificates at all."},{"line_number":142,"context_line":""},{"line_number":143,"context_line":"See :ref:`External CA and Ingress Controller Example \u003cletsencrypt-example\u003e`"},{"line_number":144,"context_line":"section for an example of how to configure an application to use Ingress"}],"source_content_type":"text/x-rst","patch_set":3,"id":"21c6468f_95bb0bfd","line":141,"range":{"start_line":117,"start_character":0,"end_line":141,"end_character":79},"in_reply_to":"411bd2ba_b6307ddb","updated":"2021-10-04 20:02:23.000000000","message":"Done","commit_id":"d0c1ac0f2dabaa618c79b4e9ddb2dc766320787b"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":149,"context_line":"    CERTIFICATE (and the associated SECRET), and update its HTTPS connection to"},{"line_number":150,"context_line":"    use the updated certificate."},{"line_number":151,"context_line":""},{"line_number":152,"context_line":"See :ref:`External CA and Ingress Controller Example \u003cletsencrypt-example\u003e`"},{"line_number":153,"context_line":"section for an example of how to configure an application to use Ingress"},{"line_number":154,"context_line":"Controller to both expose its TLS-based service and to use an External CA for"},{"line_number":155,"context_line":"signing CERTIFICATEs."},{"line_number":156,"context_line":""},{"line_number":157,"context_line":"See :ref:`Internal CA and NodePort Example \u003cinternal-ca-and-nodeport-example\u003e`"},{"line_number":158,"context_line":"section for an example of how to configure an application to use NodePort to"},{"line_number":159,"context_line":"expose its self-managed |TLS|-based service and to use an Internal CA for signing"},{"line_number":160,"context_line":"CERTIFICATEs."}],"source_content_type":"text/x-rst","patch_set":5,"id":"8c136451_5dc6ddde","line":160,"range":{"start_line":152,"start_character":0,"end_line":160,"end_character":13},"updated":"2021-10-12 11:56:57.000000000","message":"Wrap these in a .. seealso:: block.","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":149,"context_line":"    CERTIFICATE (and the associated SECRET), and update its HTTPS connection to"},{"line_number":150,"context_line":"    use the updated certificate."},{"line_number":151,"context_line":""},{"line_number":152,"context_line":"See :ref:`External CA and Ingress Controller Example \u003cletsencrypt-example\u003e`"},{"line_number":153,"context_line":"section for an example of how to configure an application to use Ingress"},{"line_number":154,"context_line":"Controller to both expose its TLS-based service and to use an External CA for"},{"line_number":155,"context_line":"signing CERTIFICATEs."},{"line_number":156,"context_line":""},{"line_number":157,"context_line":"See :ref:`Internal CA and NodePort Example \u003cinternal-ca-and-nodeport-example\u003e`"},{"line_number":158,"context_line":"section for an example of how to configure an application to use NodePort to"},{"line_number":159,"context_line":"expose its self-managed |TLS|-based service and to use an Internal CA for signing"},{"line_number":160,"context_line":"CERTIFICATEs."}],"source_content_type":"text/x-rst","patch_set":5,"id":"539bca25_34967806","line":160,"range":{"start_line":152,"start_character":0,"end_line":160,"end_character":13},"in_reply_to":"8c136451_5dc6ddde","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"}],"doc/source/usertasks/kubernetes/letsencrypt-example.rst":[{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":6,"context_line":"External CA and Ingress Controller Example"},{"line_number":7,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"The following is an example of how to configure an application to use Ingress"},{"line_number":10,"context_line":"Controller to both expose its TLS-based service and to use an External CA for"},{"line_number":11,"context_line":"signing CERTIFICATEs."},{"line_number":12,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"bf35d60e_c573c8b5","line":9,"range":{"start_line":9,"start_character":0,"end_line":9,"end_character":30},"updated":"2021-09-29 15:07:27.000000000","message":"This guide describes","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":6,"context_line":"External CA and Ingress Controller Example"},{"line_number":7,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"The following is an example of how to configure an application to use Ingress"},{"line_number":10,"context_line":"Controller to both expose its TLS-based service and to use an External CA for"},{"line_number":11,"context_line":"signing CERTIFICATEs."},{"line_number":12,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"0ea46b79_b645edbf","line":9,"range":{"start_line":9,"start_character":0,"end_line":9,"end_character":30},"in_reply_to":"bf35d60e_c573c8b5","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":20,"context_line":".. _letsencrypt-example-ul-h3j-f2w-nlb:"},{"line_number":21,"context_line":""},{"line_number":22,"context_line":"-   the LetsEncrypt CA in the public internet can send an http01 challenge to"},{"line_number":23,"context_line":"    the FQDN of your |prod|\u0027s floating OAM IP Address."},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"-   your |prod| has access to the kuard demo application at"},{"line_number":26,"context_line":"    gcr.io/kuar-demo/kuard-amd64:blue"}],"source_content_type":"text/x-rst","patch_set":1,"id":"d157d506_b181cdb2","line":23,"range":{"start_line":23,"start_character":16,"end_line":23,"end_character":29},"updated":"2021-09-29 15:07:27.000000000","message":"this reads funny, suggest changing to:\nthe |prod|","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":20,"context_line":".. _letsencrypt-example-ul-h3j-f2w-nlb:"},{"line_number":21,"context_line":""},{"line_number":22,"context_line":"-   the LetsEncrypt CA in the public internet can send an http01 challenge to"},{"line_number":23,"context_line":"    the FQDN of your |prod|\u0027s floating OAM IP Address."},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"-   your |prod| has access to the kuard demo application at"},{"line_number":26,"context_line":"    gcr.io/kuar-demo/kuard-amd64:blue"}],"source_content_type":"text/x-rst","patch_set":1,"id":"5070ff07_e459d5e9","line":23,"range":{"start_line":23,"start_character":8,"end_line":23,"end_character":13},"updated":"2021-09-29 15:07:27.000000000","message":"|FQDN|  (Please check this file, there are other abbreviations to be marked)","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":20,"context_line":".. _letsencrypt-example-ul-h3j-f2w-nlb:"},{"line_number":21,"context_line":""},{"line_number":22,"context_line":"-   the LetsEncrypt CA in the public internet can send an http01 challenge to"},{"line_number":23,"context_line":"    the FQDN of your |prod|\u0027s floating OAM IP Address."},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"-   your |prod| has access to the kuard demo application at"},{"line_number":26,"context_line":"    gcr.io/kuar-demo/kuard-amd64:blue"}],"source_content_type":"text/x-rst","patch_set":1,"id":"fc0fed15_e5ded0b8","line":23,"range":{"start_line":23,"start_character":8,"end_line":23,"end_character":13},"in_reply_to":"5070ff07_e459d5e9","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":20,"context_line":".. _letsencrypt-example-ul-h3j-f2w-nlb:"},{"line_number":21,"context_line":""},{"line_number":22,"context_line":"-   the LetsEncrypt CA in the public internet can send an http01 challenge to"},{"line_number":23,"context_line":"    the FQDN of your |prod|\u0027s floating OAM IP Address."},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"-   your |prod| has access to the kuard demo application at"},{"line_number":26,"context_line":"    gcr.io/kuar-demo/kuard-amd64:blue"}],"source_content_type":"text/x-rst","patch_set":1,"id":"1e0334b1_63f8a593","line":23,"range":{"start_line":23,"start_character":16,"end_line":23,"end_character":29},"in_reply_to":"d157d506_b181cdb2","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":22,"context_line":"-   the LetsEncrypt CA in the public internet can send an http01 challenge to"},{"line_number":23,"context_line":"    the FQDN of your |prod|\u0027s floating OAM IP Address."},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"-   your |prod| has access to the kuard demo application at"},{"line_number":26,"context_line":"    gcr.io/kuar-demo/kuard-amd64:blue"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":"-   ensure that your Cloud Platform administrator has shared the local"}],"source_content_type":"text/x-rst","patch_set":1,"id":"1aa1c8be_b38bd0b6","line":25,"range":{"start_line":25,"start_character":4,"end_line":25,"end_character":9},"updated":"2021-09-29 15:07:27.000000000","message":"The","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":22,"context_line":"-   the LetsEncrypt CA in the public internet can send an http01 challenge to"},{"line_number":23,"context_line":"    the FQDN of your |prod|\u0027s floating OAM IP Address."},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"-   your |prod| has access to the kuard demo application at"},{"line_number":26,"context_line":"    gcr.io/kuar-demo/kuard-amd64:blue"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":"-   ensure that your Cloud Platform administrator has shared the local"}],"source_content_type":"text/x-rst","patch_set":1,"id":"cf5f6412_1ce38055","line":25,"range":{"start_line":25,"start_character":4,"end_line":25,"end_character":9},"in_reply_to":"1aa1c8be_b38bd0b6","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":23,"context_line":"    the FQDN of your |prod|\u0027s floating OAM IP Address."},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"-   your |prod| has access to the kuard demo application at"},{"line_number":26,"context_line":"    gcr.io/kuar-demo/kuard-amd64:blue"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":"-   ensure that your Cloud Platform administrator has shared the local"},{"line_number":29,"context_line":"    registry’s public repository’s credentials/secret with the namespace where"}],"source_content_type":"text/x-rst","patch_set":1,"id":"f4cabe43_ae999230","line":26,"range":{"start_line":26,"start_character":4,"end_line":26,"end_character":37},"updated":"2021-09-29 15:07:27.000000000","message":"Format as hyperlink","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":23,"context_line":"    the FQDN of your |prod|\u0027s floating OAM IP Address."},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"-   your |prod| has access to the kuard demo application at"},{"line_number":26,"context_line":"    gcr.io/kuar-demo/kuard-amd64:blue"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":"-   ensure that your Cloud Platform administrator has shared the local"},{"line_number":29,"context_line":"    registry’s public repository’s credentials/secret with the namespace where"}],"source_content_type":"text/x-rst","patch_set":1,"id":"d85cebc9_b8125ceb","line":26,"range":{"start_line":26,"start_character":4,"end_line":26,"end_character":37},"in_reply_to":"f4cabe43_ae999230","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":25,"context_line":"-   your |prod| has access to the kuard demo application at"},{"line_number":26,"context_line":"    gcr.io/kuar-demo/kuard-amd64:blue"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":"-   ensure that your Cloud Platform administrator has shared the local"},{"line_number":29,"context_line":"    registry’s public repository’s credentials/secret with the namespace where"},{"line_number":30,"context_line":"    you will create certificates,. This will allow you to leverage the"},{"line_number":31,"context_line":"    :command:`registry.local:9001/public/cert-manager-acmesolver` image."}],"source_content_type":"text/x-rst","patch_set":1,"id":"23564413_3a93f142","line":28,"range":{"start_line":28,"start_character":21,"end_line":28,"end_character":35},"updated":"2021-09-29 15:07:27.000000000","message":"|prod|","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":25,"context_line":"-   your |prod| has access to the kuard demo application at"},{"line_number":26,"context_line":"    gcr.io/kuar-demo/kuard-amd64:blue"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":"-   ensure that your Cloud Platform administrator has shared the local"},{"line_number":29,"context_line":"    registry’s public repository’s credentials/secret with the namespace where"},{"line_number":30,"context_line":"    you will create certificates,. This will allow you to leverage the"},{"line_number":31,"context_line":"    :command:`registry.local:9001/public/cert-manager-acmesolver` image."}],"source_content_type":"text/x-rst","patch_set":1,"id":"bd062f84_acd38a67","line":28,"range":{"start_line":28,"start_character":21,"end_line":28,"end_character":35},"in_reply_to":"23564413_3a93f142","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":64,"context_line":"    \u003chttps://github.com/kubernetes-up-and-running/kuard\u003e`__\\) with an INGRESS"},{"line_number":65,"context_line":"    using cert-manager by applying the following manifest file:"},{"line_number":66,"context_line":""},{"line_number":67,"context_line":"    Where both ‘starlingx.mycompany.com’ and ‘kuard.starlingx.mycompany.com’ are"},{"line_number":68,"context_line":"    FQDNs that map to the OAM Floating IP of Cloud Platform."},{"line_number":69,"context_line":""},{"line_number":70,"context_line":"    (You should substitute these for FQDNs for your Cloud Platform"}],"source_content_type":"text/x-rst","patch_set":1,"id":"5d346493_bd6f2344","line":67,"range":{"start_line":67,"start_character":15,"end_line":67,"end_character":76},"updated":"2021-09-29 15:07:27.000000000","message":"wrap both in double-back-ticks","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":64,"context_line":"    \u003chttps://github.com/kubernetes-up-and-running/kuard\u003e`__\\) with an INGRESS"},{"line_number":65,"context_line":"    using cert-manager by applying the following manifest file:"},{"line_number":66,"context_line":""},{"line_number":67,"context_line":"    Where both ‘starlingx.mycompany.com’ and ‘kuard.starlingx.mycompany.com’ are"},{"line_number":68,"context_line":"    FQDNs that map to the OAM Floating IP of Cloud Platform."},{"line_number":69,"context_line":""},{"line_number":70,"context_line":"    (You should substitute these for FQDNs for your Cloud Platform"}],"source_content_type":"text/x-rst","patch_set":1,"id":"23a2d65f_07a7ee80","line":67,"range":{"start_line":67,"start_character":15,"end_line":67,"end_character":76},"in_reply_to":"5d346493_bd6f2344","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":65,"context_line":"    using cert-manager by applying the following manifest file:"},{"line_number":66,"context_line":""},{"line_number":67,"context_line":"    Where both ‘starlingx.mycompany.com’ and ‘kuard.starlingx.mycompany.com’ are"},{"line_number":68,"context_line":"    FQDNs that map to the OAM Floating IP of Cloud Platform."},{"line_number":69,"context_line":""},{"line_number":70,"context_line":"    (You should substitute these for FQDNs for your Cloud Platform"},{"line_number":71,"context_line":"    installation.)"}],"source_content_type":"text/x-rst","patch_set":1,"id":"b54b2981_e2e5673b","line":68,"range":{"start_line":68,"start_character":45,"end_line":68,"end_character":60},"updated":"2021-09-29 15:07:27.000000000","message":"|prod|","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":65,"context_line":"    using cert-manager by applying the following manifest file:"},{"line_number":66,"context_line":""},{"line_number":67,"context_line":"    Where both ‘starlingx.mycompany.com’ and ‘kuard.starlingx.mycompany.com’ are"},{"line_number":68,"context_line":"    FQDNs that map to the OAM Floating IP of Cloud Platform."},{"line_number":69,"context_line":""},{"line_number":70,"context_line":"    (You should substitute these for FQDNs for your Cloud Platform"},{"line_number":71,"context_line":"    installation.)"}],"source_content_type":"text/x-rst","patch_set":1,"id":"0e41557c_a878eaab","line":68,"range":{"start_line":68,"start_character":45,"end_line":68,"end_character":60},"in_reply_to":"b54b2981_e2e5673b","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":30859,"name":"M Camp","email":"mcamp859@hotmail.com","username":"mcamp859"},"change_message_id":"085cb472268f1d2febe790d184764b3f7d3a9f59","unresolved":true,"context_lines":[{"line_number":67,"context_line":"    Where both ‘starlingx.mycompany.com’ and ‘kuard.starlingx.mycompany.com’ are"},{"line_number":68,"context_line":"    FQDNs that map to the OAM Floating IP of Cloud Platform."},{"line_number":69,"context_line":""},{"line_number":70,"context_line":"    (You should substitute these for FQDNs for your Cloud Platform"},{"line_number":71,"context_line":"    installation.)"},{"line_number":72,"context_line":""},{"line_number":73,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"845137fd_01e3fa4d","line":70,"range":{"start_line":70,"start_character":52,"end_line":70,"end_character":66},"updated":"2021-09-29 15:07:27.000000000","message":"|prod|","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"bff6c0dd50455210edc45955b728daca8b25c509","unresolved":false,"context_lines":[{"line_number":67,"context_line":"    Where both ‘starlingx.mycompany.com’ and ‘kuard.starlingx.mycompany.com’ are"},{"line_number":68,"context_line":"    FQDNs that map to the OAM Floating IP of Cloud Platform."},{"line_number":69,"context_line":""},{"line_number":70,"context_line":"    (You should substitute these for FQDNs for your Cloud Platform"},{"line_number":71,"context_line":"    installation.)"},{"line_number":72,"context_line":""},{"line_number":73,"context_line":""}],"source_content_type":"text/x-rst","patch_set":1,"id":"13b79f66_b6f5c80f","line":70,"range":{"start_line":70,"start_character":52,"end_line":70,"end_character":66},"in_reply_to":"845137fd_01e3fa4d","updated":"2021-10-04 14:13:47.000000000","message":"Done","commit_id":"fb763b3200d13af80fbcacd62666fa697fe37fbc"},{"author":{"_account_id":26026,"name":"Greg Waines","email":"greg.waines@windriver.com","username":"gwaines"},"change_message_id":"d982b5e62933c40e23102f0e163da6a860da7c1c","unresolved":true,"context_lines":[{"line_number":28,"context_line":"-   Ensure that your |prod| administrator has shared the local"},{"line_number":29,"context_line":"    registry’s public repository’s credentials/secret with the namespace where"},{"line_number":30,"context_line":"    you will create certificates. This will allow you to leverage the"},{"line_number":31,"context_line":"    :command:`registry.local:9001/public/cert-manager-acmesolver` image."},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"-   Ensure that your |prod| administrator has enabled use of the"},{"line_number":34,"context_line":"    cert-manager apiGroups in your |RBAC| policies."}],"source_content_type":"text/x-rst","patch_set":3,"id":"02c06da8_69be24ae","line":31,"range":{"start_line":31,"start_character":71,"end_line":31,"end_character":72},"updated":"2021-10-04 15:49:31.000000000","message":"YOu should add.\n\nSee https://docs.starlingx.io/admintasks/kubernetes/setting-up-a-public-repository.html","commit_id":"d0c1ac0f2dabaa618c79b4e9ddb2dc766320787b"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"dae72b39f02d23441c81f2b0108aeb6bf87d845b","unresolved":false,"context_lines":[{"line_number":28,"context_line":"-   Ensure that your |prod| administrator has shared the local"},{"line_number":29,"context_line":"    registry’s public repository’s credentials/secret with the namespace where"},{"line_number":30,"context_line":"    you will create certificates. This will allow you to leverage the"},{"line_number":31,"context_line":"    :command:`registry.local:9001/public/cert-manager-acmesolver` image."},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"-   Ensure that your |prod| administrator has enabled use of the"},{"line_number":34,"context_line":"    cert-manager apiGroups in your |RBAC| policies."}],"source_content_type":"text/x-rst","patch_set":3,"id":"dd2e2a8e_bfc0be41","line":31,"range":{"start_line":31,"start_character":71,"end_line":31,"end_character":72},"in_reply_to":"02c06da8_69be24ae","updated":"2021-10-04 20:02:23.000000000","message":"Done","commit_id":"d0c1ac0f2dabaa618c79b4e9ddb2dc766320787b"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":6,"context_line":"External CA and Ingress Controller Example"},{"line_number":7,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"This guide describes how to configure an application to use Ingress"},{"line_number":10,"context_line":"Controller to both expose its |TLS|-based service and to use an External CA for"},{"line_number":11,"context_line":"signing CERTIFICATEs."},{"line_number":12,"context_line":""}],"source_content_type":"text/x-rst","patch_set":5,"id":"1c8978f2_4e28f46a","line":9,"range":{"start_line":9,"start_character":5,"end_line":9,"end_character":11},"updated":"2021-10-12 11:56:57.000000000","message":"section","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":6,"context_line":"External CA and Ingress Controller Example"},{"line_number":7,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"This guide describes how to configure an application to use Ingress"},{"line_number":10,"context_line":"Controller to both expose its |TLS|-based service and to use an External CA for"},{"line_number":11,"context_line":"signing CERTIFICATEs."},{"line_number":12,"context_line":""}],"source_content_type":"text/x-rst","patch_set":5,"id":"09cecb60_8299d698","line":9,"range":{"start_line":9,"start_character":5,"end_line":9,"end_character":11},"in_reply_to":"1c8978f2_4e28f46a","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":30539,"name":"Ron Stone","email":"ronald.stone@windriver.com","username":"ronstone2000"},"change_message_id":"e440fd8a50e85d59f9b060ba83820a5ea3ded74c","unresolved":true,"context_lines":[{"line_number":7,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"This guide describes how to configure an application to use Ingress"},{"line_number":10,"context_line":"Controller to both expose its |TLS|-based service and to use an External CA for"},{"line_number":11,"context_line":"signing CERTIFICATEs."},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"NOTE that alternatively an Internal CA could be used with an Ingress Controller"}],"source_content_type":"text/x-rst","patch_set":5,"id":"5028d1af_6a1d52f4","line":10,"range":{"start_line":10,"start_character":73,"end_line":10,"end_character":76},"updated":"2021-10-12 11:56:57.000000000","message":"|CA| throughout.","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"ebd9c557207d091dd66f7216b74fe81ae1fdc7d7","unresolved":false,"context_lines":[{"line_number":7,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"This guide describes how to configure an application to use Ingress"},{"line_number":10,"context_line":"Controller to both expose its |TLS|-based service and to use an External CA for"},{"line_number":11,"context_line":"signing CERTIFICATEs."},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"NOTE that alternatively an Internal CA could be used with an Ingress Controller"}],"source_content_type":"text/x-rst","patch_set":5,"id":"6fc2da12_be313510","line":10,"range":{"start_line":10,"start_character":73,"end_line":10,"end_character":76},"in_reply_to":"5028d1af_6a1d52f4","updated":"2021-10-13 14:37:07.000000000","message":"Done","commit_id":"f126f0e92f02858a188fd84e87ecc48380dca988"},{"author":{"_account_id":28676,"name":"Andy Ning","email":"andy.ning@windriver.com","username":"andy.wrs"},"change_message_id":"04f13d840531924a9315452396b21669f15709c0","unresolved":true,"context_lines":[{"line_number":34,"context_line":""},{"line_number":35,"context_line":"-   Ensure that your |prod| administrator has enabled use of the"},{"line_number":36,"context_line":"    cert-manager apiGroups in your |RBAC| policies."},{"line_number":37,"context_line":""},{"line_number":38,"context_line":".. rubric:: |proc|"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"#.  Create a LetsEncrypt ISSUER in the default namespace by applying the"}],"source_content_type":"text/x-rst","patch_set":7,"id":"a129ad43_9dff031c","line":37,"updated":"2021-10-21 22:15:43.000000000","message":"Need to add:\n- Ensure that your |prod| administrator has opened port 80 and 443 in GlobalNetworkPolicy.","commit_id":"e76b65921d6ac8b0ee4f65a798a1b7f0f8a1a877"},{"author":{"_account_id":33342,"name":"Elisamara Aoki Gonçalves","email":"elisamaraaoki.goncalves@windriver.com","username":"egoncalv"},"change_message_id":"34a04494e5370aa3a254d35b8b623655782a30dc","unresolved":false,"context_lines":[{"line_number":34,"context_line":""},{"line_number":35,"context_line":"-   Ensure that your |prod| administrator has enabled use of the"},{"line_number":36,"context_line":"    cert-manager apiGroups in your |RBAC| policies."},{"line_number":37,"context_line":""},{"line_number":38,"context_line":".. rubric:: |proc|"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"#.  Create a LetsEncrypt ISSUER in the default namespace by applying the"}],"source_content_type":"text/x-rst","patch_set":7,"id":"f221cacd_d5704087","line":37,"in_reply_to":"a129ad43_9dff031c","updated":"2021-10-22 14:15:52.000000000","message":"Done","commit_id":"e76b65921d6ac8b0ee4f65a798a1b7f0f8a1a877"}]}