Merge pull request #215386 from jiec-msft/mason/enhance-config-server-and-acs-ssh-note

prmerger-automator[bot] · web-flow · commit fdedf605bb46 · 2022-10-24T03:03:53.000Z
update ssh auth note for config server and Application Configuration Service
diff --git a/articles/spring-apps/how-to-config-server.md b/articles/spring-apps/how-to-config-server.md
@@ -89,7 +89,7 @@ The following table lists the configurable properties that you can use to set up
 | `strict-host-key-checking` | No       | Indicates whether the Config Server instance will fail to start when using the private `host-key`. Should be *true* (default value) or *false*.                      |
 
 > [!NOTE]
-> Config Server doesn't support SHA-2 signatures yet. Until support is added, use SHA-1 signatures or basic auth instead.
+> Config Server uses RSA keys with SHA-1 signatures for now. If you're using GitHub, for RSA public keys added to GitHub before November 2, 2021, the corresponding private key is supported. For RSA public keys added to GitHub after November 2, 2021, the corresponding private key is not supported, and we suggest using basic authentication instead.
 
 ### Private repository with basic authentication
 
diff --git a/articles/spring-apps/how-to-enterprise-application-configuration-service.md b/articles/spring-apps/how-to-enterprise-application-configuration-service.md
@@ -86,7 +86,7 @@ The following image shows the three types of repository authentication supported
    | `Strict host key checking` | No        | Optional value that indicates whether the backend should be ignored if it encounters an error when using the provided `Host key`. Valid values are `true` and `false`. The default value is `true`.                                 |
 
 > [!NOTE]
-> Application Configuration Service for Tanzu doesn't support SHA-2 signatures yet and we are actively working on to support it in future release. Before that, please use SHA-1 signatures or basic auth instead.
+> Application Configuration Service for Tanzu uses RSA keys with SHA-1 signatures for now. If you're using GitHub, for RSA public keys added to GitHub before November 2, 2021, the corresponding private key is supported. For RSA public keys added to GitHub after November 2, 2021, the corresponding private key is not supported, and we suggest using basic authentication instead.
 
 To validate access to the target URI, select **Validate**. After validation completes successfully, select **Apply** to update the configuration settings.
 
