Skip to content

Commit 7d9298e

Browse files
zdover23zdover23
committed
doc/mgr: edit grammar and formatting of rgw.rst
Improve the grammar and correct the formatting of the "Upgrading root ca certificates" procedure that was added to the documentation in ceph#61867 Fixes: https://tracker.ceph.com/issues/70014 Signed-off-by: Zac Dover <[email protected]>
1 parent 76106dd commit 7d9298e

File tree

1 file changed

+22
-20
lines changed

1 file changed

+22
-20
lines changed

doc/mgr/rgw.rst

Lines changed: 22 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -143,37 +143,39 @@ RGW admin command
143143
Upgrading root ca certificates
144144
------------------------------
145145

146+
#. Make sure that the RGW service is running.
147+
#. Make sure that the RGW service is up.
148+
#. Make sure that the RGW service has been upgraded to the latest release.
149+
#. From the Primary cluster on the Manager node, run the following command:
146150

147-
To upgrade root ca certificate, make sure rgw serives is upgraded. Make sure the rgw service is up and running.
148-
On Primary cluster on manger node run command:
151+
.. prompt:: bash #
149152

150-
::
153+
ceph orch cert-store get cert cephadm_root_ca_cert
151154

152-
ceph orch cert-store get cert cephadm_root_ca_cert
155+
#. On the node where the RGW service is running, store the certificate on the
156+
following path::
153157

154-
Store the certificate on node where rgw service is running on path
155-
::
158+
/etc/pki/ca-trust/source/anchors/<cert_name>.crt
156159

157-
/etc/pki/ca-trust/source/anchors/<cert_name>.crt
160+
#. Verify the certificate by running the following command:
158161

159-
Verify certificate using command:
162+
.. prompt:: bash #
160163

161-
::
164+
openssl x509 -in <cert_name>.crt -noout -text
162165

163-
openssl x509 -in <cert_name>.crt -noout -text
166+
#. Perform the above steps on the MGR node and on the RGW node of all secondary
167+
clusters.
164168

165-
Perform above steps on mgr node and rgw node of secondary clusters.
169+
#. After the certificates have been validated on all clusters, run the
170+
following command on all clusters that generate certificates:
166171

167-
Once certificates are validated on all the sites. Run:
172+
.. prompt:: bash #
168173

169-
::
174+
update-ca-trust
170175

171-
update-ca-trust
176+
#. From the primary node, ensure that the ``curl`` command can be run by the
177+
user:
172178

173-
on all the nodes where certificates are generated.
174-
175-
Check from primary node if the curl command works for the user:
176-
177-
::
179+
.. prompt:: bash [root@primary-node]#
178180

179-
[root@ceph-pri-node-0 anchors]# curl https://<host_ip>:443
181+
curl https://<host_ip>:443

0 commit comments

Comments
 (0)