From df4776d2025cb306469be8b99aef947d3328af72 Mon Sep 17 00:00:00 2001 From: Mike Jang <3287976+mjang@users.noreply.github.com> Date: Tue, 27 May 2025 10:16:56 -0700 Subject: [PATCH 1/6] fix: unmanaged certs only include metadata --- content/nginx-one/how-to/certificates/manage-certificates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx-one/how-to/certificates/manage-certificates.md b/content/nginx-one/how-to/certificates/manage-certificates.md index 07a4f56e2..519cbd5b9 100644 --- a/content/nginx-one/how-to/certificates/manage-certificates.md +++ b/content/nginx-one/how-to/certificates/manage-certificates.md @@ -178,7 +178,7 @@ If you register an instance to NGINX One Console, as described in [Add your NGIN - Are used in their NGINX configuration - Do _not_ match an existing managed SSL certificate/CA bundle -These certificates appear in the list of unmanaged certificates. +These certificates appear in the list of unmanaged certificates. NGINX One Console has no data on those certificates, except for the metadata shown in the console. We recommend that you convert your unmanaged certificates. Converting to a managed certificate allows you to centrally manage, update, and deploy a certificate to your data plane from the NGINX One Console. From 876d27bddf633a6424b35b4f1161334b5b7d639b Mon Sep 17 00:00:00 2001 From: Mike Jang <3287976+mjang@users.noreply.github.com> Date: Tue, 27 May 2025 10:19:13 -0700 Subject: [PATCH 2/6] Update CSG page --- .../how-to/config-sync-groups/manage-config-sync-groups.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md b/content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md index eb5bf8251..e3e5bc36a 100644 --- a/content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md +++ b/content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md @@ -37,7 +37,7 @@ Config Sync Groups support configuration inheritance and persistance. If you've On the other hand, if you remove all instances from a Config Sync Group, the original configuration persists. In other words, the group retains the configuration from that first instance (or the original configuration). Any new instance that you add later still inherits that configuration. -{{< tip >}}You can use _unmanaged_ certificates. Your actions can affect the [Config Sync Group status](#config-sync-group-status). For future instances on the data plane, if it: +{{< tip >}}You can use _unmanaged_ certificates. NGINX One Console collects _only_ the metadata shown in the console. It does not include the content of the certificate. Your actions can affect the [Config Sync Group status](#config-sync-group-status). For future instances on the data plane, if it: - Has unmanaged certificates in the same file paths as defined by the NGINX configuration as the Config Sync Group, that instance will be [**In Sync**](#config-sync-group-status). - Will be [**Out of Sync**](#config-sync-group-status) if the instance: From ec8927e4d122c8777bd0529cd2b3299cfeb6201c Mon Sep 17 00:00:00 2001 From: Mike Jang <3287976+mjang@users.noreply.github.com> Date: Tue, 27 May 2025 10:46:27 -0700 Subject: [PATCH 3/6] Update content/nginx-one/how-to/certificates/manage-certificates.md --- content/nginx-one/how-to/certificates/manage-certificates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx-one/how-to/certificates/manage-certificates.md b/content/nginx-one/how-to/certificates/manage-certificates.md index 519cbd5b9..f04bf1510 100644 --- a/content/nginx-one/how-to/certificates/manage-certificates.md +++ b/content/nginx-one/how-to/certificates/manage-certificates.md @@ -178,7 +178,7 @@ If you register an instance to NGINX One Console, as described in [Add your NGIN - Are used in their NGINX configuration - Do _not_ match an existing managed SSL certificate/CA bundle -These certificates appear in the list of unmanaged certificates. NGINX One Console has no data on those certificates, except for the metadata shown in the console. +These certificates appear in the list of unmanaged certificates. NGINX One Console does not store unmanaged certs or keys, only metadata associated with them for monitoring. We recommend that you convert your unmanaged certificates. Converting to a managed certificate allows you to centrally manage, update, and deploy a certificate to your data plane from the NGINX One Console. From 0d362400c8aa817c24f8d50a44e166525deff048 Mon Sep 17 00:00:00 2001 From: Mike Jang <3287976+mjang@users.noreply.github.com> Date: Tue, 27 May 2025 10:47:56 -0700 Subject: [PATCH 4/6] Apply suggestions from code review --- .../how-to/config-sync-groups/manage-config-sync-groups.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md b/content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md index e3e5bc36a..9e9f9d11a 100644 --- a/content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md +++ b/content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md @@ -37,7 +37,7 @@ Config Sync Groups support configuration inheritance and persistance. If you've On the other hand, if you remove all instances from a Config Sync Group, the original configuration persists. In other words, the group retains the configuration from that first instance (or the original configuration). Any new instance that you add later still inherits that configuration. -{{< tip >}}You can use _unmanaged_ certificates. NGINX One Console collects _only_ the metadata shown in the console. It does not include the content of the certificate. Your actions can affect the [Config Sync Group status](#config-sync-group-status). For future instances on the data plane, if it: +{{< tip >}}You can use _unmanaged_ certificates. NGINX One Console does not store unmanaged certs or keys, only metadata associated with them for monitoring. Your actions can affect the [Config Sync Group status](#config-sync-group-status). For future instances on the data plane, if it: - Has unmanaged certificates in the same file paths as defined by the NGINX configuration as the Config Sync Group, that instance will be [**In Sync**](#config-sync-group-status). - Will be [**Out of Sync**](#config-sync-group-status) if the instance: From 13b12640128859c83738ff63d91e00dec65aea96 Mon Sep 17 00:00:00 2001 From: Mike Jang <3287976+mjang@users.noreply.github.com> Date: Wed, 28 May 2025 09:53:55 -0700 Subject: [PATCH 5/6] Update content/nginx-one/how-to/certificates/manage-certificates.md Co-authored-by: Sylvia Wang <139922338+sylwang@users.noreply.github.com> --- content/nginx-one/how-to/certificates/manage-certificates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx-one/how-to/certificates/manage-certificates.md b/content/nginx-one/how-to/certificates/manage-certificates.md index f04bf1510..0d53b6947 100644 --- a/content/nginx-one/how-to/certificates/manage-certificates.md +++ b/content/nginx-one/how-to/certificates/manage-certificates.md @@ -178,7 +178,7 @@ If you register an instance to NGINX One Console, as described in [Add your NGIN - Are used in their NGINX configuration - Do _not_ match an existing managed SSL certificate/CA bundle -These certificates appear in the list of unmanaged certificates. NGINX One Console does not store unmanaged certs or keys, only metadata associated with them for monitoring. +These certificates appear in the list of unmanaged certificates. NGINX One Console does not store unmanaged certs or keys, only metadata associated with certs for monitoring. We recommend that you convert your unmanaged certificates. Converting to a managed certificate allows you to centrally manage, update, and deploy a certificate to your data plane from the NGINX One Console. From eae35467c3e0a7b4fc3fe3f3ac03e12abba3e0c3 Mon Sep 17 00:00:00 2001 From: Mike Jang <3287976+mjang@users.noreply.github.com> Date: Wed, 28 May 2025 09:55:03 -0700 Subject: [PATCH 6/6] Update content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md --- .../how-to/config-sync-groups/manage-config-sync-groups.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md b/content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md index 9e9f9d11a..d686e713e 100644 --- a/content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md +++ b/content/nginx-one/how-to/config-sync-groups/manage-config-sync-groups.md @@ -37,7 +37,7 @@ Config Sync Groups support configuration inheritance and persistance. If you've On the other hand, if you remove all instances from a Config Sync Group, the original configuration persists. In other words, the group retains the configuration from that first instance (or the original configuration). Any new instance that you add later still inherits that configuration. -{{< tip >}}You can use _unmanaged_ certificates. NGINX One Console does not store unmanaged certs or keys, only metadata associated with them for monitoring. Your actions can affect the [Config Sync Group status](#config-sync-group-status). For future instances on the data plane, if it: +{{< tip >}}You can use _unmanaged_ certificates. NGINX One Console does not store unmanaged certs or keys, only metadata associated with the certs or keys for monitoring. Your actions can affect the [Config Sync Group status](#config-sync-group-status). For future instances on the data plane, if it: - Has unmanaged certificates in the same file paths as defined by the NGINX configuration as the Config Sync Group, that instance will be [**In Sync**](#config-sync-group-status). - Will be [**Out of Sync**](#config-sync-group-status) if the instance: