RS: Added generate_self_signed_certs.sh options table to create certificates (#1961)

rrelledge · web-flow · commit d3a77bc9732d · 2025-08-12T09:09:41.000-05:00
* DOC-5458 RS: Added generate_self_signed_certs.sh options table to create certificates * DOC-5458 Removed duplicated option descriptions for generate_self_signed_certs.sh
diff --git a/content/operate/rs/security/certificates/create-certificates.md b/content/operate/rs/security/certificates/create-certificates.md
@@ -22,6 +22,17 @@ By default, the `generate_self_signed_certs.sh` script is located in `/opt/redis
 
 Here, you learn how to use this script to generate new certificates and how to install them.
 
+### Generate self-signed certs script options
+
+You can run the `generate_self_signed_certs.sh` script with the following options:
+
+| Option | Description |
+|----------|-------------|
+| `-h`<br />`--help` | Displays usage instructions. (Optional) |
+| `-d <days>`<br />`--days <days>` | Number of days the self-signed certificate is valid for. Setting this field longer than a year (365 days) is not recommended. (Optional, default: 365) |
+| `-f <names>`<br /><nobr>`--fqdnNames <names>`</nobr> | Space-separated list of [fully qualified domain names (FQDNs)](https://en.wikipedia.org/wiki/Fully_qualified_domain_name). Used for [storage area networks (SANs)](https://en.wikipedia.org/wiki/Storage_area_network). (Required)<br />Example: `-f "redis.example.com redis-1.example.com"` |
+| `-t <type>`<br />`--type <type>` | Type of certificate to generate. (Optional, default: all) <br />Values:<br />**cm**: Cluster Manager UI certificate<br />**api**: REST API certificate<br /> **proxy**: database endpoint proxy certificate<br />**syncer**: syncer component certificate<br />**metrics**: metrics exporter certificate<br />**all**: generates all certificate types |
+
 ### Step 1: Generate new certificates 
 
 Sign in to the machine hosting the cluster's master node and then run the following command:
@@ -31,30 +42,7 @@ Sign in to the machine hosting the cluster's master node and then run the follow
    -f "<DomainName1 DomainName2>" -d <Days> -t <Type>
 ```
 
-where:
-
-- _\<DomainName1>_ is the fully qualified domain name (FQDN) of the cluster.  (This is the name given to the cluster when first created.)
-- _\<DomainName2>_ is an optional FQDN for the cluster.  Multiple domain names are allowed, separated by whitespace.  Quotation marks (`""`) should enclose the full set of names.
-- _\<Days>_ is an integer specifying the number of days the certificate should be valid.  We recommend against setting this longer than a year (365 days).
-
-    _\<Days>_ is optional and defaults to `365`.
-
-- _\<Type>_ is a string identifying the name of the certificate to generate.  
-    
-    The following values are supported:
-
-    | Value | Description |
-    |-------|-------------|
-    | `api` | The REST API |
-    | `cm` | The Cluster Manager UI |
-    | `metrics` | The metrics exporter |
-    | `proxy` | The database endpoint |
-    | `syncer` | The synchronization process |
-    | `all` | Generates all certificates in a single operation |
-
-    _Type_ is optional and defaults to `all`.
-
-When you run the script, it either reports success (`"Self signed cert generated successfully"`) or an error message.  Use the error message to troubleshoot any issues.
+When you run the script, it either reports success (`"Self signed cert generated successfully"`) or an error message. Use the error message to troubleshoot any issues.
 
 The following example generates all self signed certificates for `mycluster.example.com`; these certificates expire one year after the command is run:
 
