[DOCS-14275] Tutorial for generating client certificates with Kubernetes CA doesn't mention this is deprecated Created: 05/Mar/21  Updated: 14/Jul/21  Resolved: 14/Jul/21

Status: Closed
Project: Documentation
Component/s: Kubernetes Operator
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Minor - P4
Reporter: Mark Baker-Munton Assignee: Julia Malkin
Resolution: Duplicate Votes: 0
Labels: new-hire-ticket
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Documented
Duplicate
Participants:
Days since reply: 2 years, 30 weeks ago
Epic Link: DOCSP-3291

 Description   

Status: This doc ticket is waiting for development. See the linked CLOUDP-75283, and also this Scope document: TLS Search Generation and Handling.

Description

This tutorial goes through the process of creating x509 certificates with the Kubernetes CA but doesn't mention this has been deprecated (clients should be creating their own certificates).

https://docs.mongodb.com/kubernetes-operator/master/tutorial/create-x509-client-certs/

 

 

Scope of changes

Impact to Other Docs

MVP (Work and Date)

Resources (Scope or Design Docs, Invision, etc.)



 Comments   
Comment by Julia Malkin [ 14/Jul/21 ]

Based on my discussion with Jason M and john.williams, I am closing this ticket, because the way this is handled depends on the new scope doc and is not well defined yet. There is a doc epic opened (and linked) that will cover the full extent of the changes needed for this ticket. The team recommended that I close this one as a duplicate of a larger DOC epic that is yet to be done and now waits for development.

Comment by Julia Malkin [ 14/Jul/21 ]

After chatting with Jason, I now have the CLOUDP ticket that defines the new design, and it is linked.
Here is the GDOC for the scope.

This doc ticket is not ready for work.

Comment by Julia Malkin [ 14/Jul/21 ]

Waiting for more info.

Comment by Julia Malkin [ 14/Jul/21 ]

[jason.mimick@mongodb.com] Could you please take a look and help advise what to do next?

I need information for what to add instead for these large steps:
1. Submit the New CSR to the Kubernetes CA https://docs.mongodb.com/kubernetes-operator/master/tutorial/create-x509-client-certs/#submit-the-new-csr-to-the-kubernetes-certauth
2. Obtain the Newly Issued Certificate from the Kubernetes CA https://docs.mongodb.com/kubernetes-operator/master/tutorial/create-x509-client-certs/#obtain-the-newly-issued-certificate-from-the-kubernetes-ca
3. Should we remove a section for 4.0? See tabs here please.

Generated at Thu Feb 08 08:09:58 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.