OSSMDOC-405: Clarify name of default certificates generated by Service Mesh

rh-tokeefe · rh-tokeefe · commit da5aa581c4da · 2022-01-31T14:09:28.000-05:00
diff --git a/modules/ossm-security-cert-manage.adoc b/modules/ossm-security-cert-manage.adoc
@@ -10,15 +10,15 @@ By default, {ProductName} generates a self-signed root certificate and key and u
 .Prerequisites
 
 * Install {ProductName} with mutual TLS enabled to configure certificates.
-* This example uses the certificates from the link:https://github.com/maistra/istio/tree/maistra-2.0/samples/certs[Maistra repository]. For production, use your own certificates from your certificate authority.
+* This example uses the certificates from the link:https://github.com/maistra/istio/tree/maistra-2.1/samples/certs[Maistra repository]. For production, use your own certificates from your certificate authority.
 * Deploy the Bookinfo sample application to verify the results with these instructions.
 
 [id="ossm-cert-manage-add-cert-key_{context}"]
 == Adding an existing certificate and key
 
 To use an existing signing (CA) certificate and key, you must create a chain of trust file that includes the CA certificate, key, and root certificate. You must use the following exact file names for each of the corresponding certificates. The CA certificate is named `ca-cert.pem`, the key is `ca-key.pem`, and the root certificate, which signs `ca-cert.pem`, is named `root-cert.pem`. If your workload uses intermediate certificates, you must specify them in a `cert-chain.pem` file.
 
-Add the certificates to {ProductShortName} by following these steps. Save the example certificates from the link:https://github.com/maistra/istio/tree/maistra-2.0/samples/certs[Maistra repository] locally and replace `<path>` with the path to your certificates.
+Add the certificates to {ProductShortName} by following these steps. Save the example certificates from the link:https://github.com/maistra/istio/tree/maistra-2.1/samples/certs[Maistra repository] locally and replace `<path>` with the path to your certificates.
 
 . Create a secret `cacert` that includes the input files `ca-cert.pem`, `ca-key.pem`, `root-cert.pem` and `cert-chain.pem`.
 +
@@ -46,13 +46,6 @@ spec:
         privateKey:
           rootCADir:  /etc/cacerts
 ----
-+
-. To make sure the workloads add the new certificates promptly, delete the secrets generated by {ProductShortName}, named `istio.*`. In this example, `istio.default`. {ProductShortName} issues new certificates for the workloads.
-+
-[source,terminal]
-----
-$ oc delete secret istio.default
-----
 
 [id="ossm-cert-manage-verify-cert_{context}"]
 == Verifying your certificates
