Refactor certificate documentation - bring your own key ring#4903
Refactor certificate documentation - bring your own key ring#4903MarkAckert wants to merge 27 commits intodocs-stagingfrom
Conversation
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
|
😺 Thank you for creating this PR! To publish your content to Zowe Docs, follow these required steps.
Need help? Contact the Doc Squad in the #zowe-doc Slack channel. |
|
📁 The PR description is missing the file name(s) for the updated content. List all the files included in this PR so this information displays in our Zowe Docs GitHub Slack channel. If you have addressed this issue already, refresh this page in your browser to remove this comment. |
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
anaxceron
left a comment
There was a problem hiding this comment.
Lots of great doc, @MarkAckert, thank ya!
Left some comments, mostly about Zowe style. Some are suggestions/questions and not requests for edits, per se. You make the call.
Signed-off-by: Martin Zeithaml <66114686+Martin-Zeithaml@users.noreply.github.com>
Corrected typos in the documentation regarding certificate labels and names. Signed-off-by: Martin Zeithaml <66114686+Martin-Zeithaml@users.noreply.github.com>
Fixed formatting issues in YAML examples and export messages. Signed-off-by: Martin Zeithaml <66114686+Martin-Zeithaml@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
anaxceron
left a comment
There was a problem hiding this comment.
Left some more comments re: minor edits. Let me know if you have questions.
docs/user-guide/configuring-at-tls-for-zowe-server-single-service.md
Outdated
Show resolved
Hide resolved
anaxceron
left a comment
There was a problem hiding this comment.
Left some more comments re: minor edits. Let me know if you have questions.
Co-authored-by: anaxceron <ana.ceron@broadcom.com> Signed-off-by: Mark Ackert <35308966+MarkAckert@users.noreply.github.com>
Co-authored-by: anaxceron <ana.ceron@broadcom.com> Signed-off-by: Mark Ackert <35308966+MarkAckert@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
…ice.md Co-authored-by: anaxceron <ana.ceron@broadcom.com> Signed-off-by: Mark Ackert <35308966+MarkAckert@users.noreply.github.com>
Co-authored-by: anaxceron <ana.ceron@broadcom.com> Signed-off-by: Mark Ackert <35308966+MarkAckert@users.noreply.github.com>
Co-authored-by: anaxceron <ana.ceron@broadcom.com> Signed-off-by: Mark Ackert <35308966+MarkAckert@users.noreply.github.com>
Co-authored-by: anaxceron <ana.ceron@broadcom.com> Signed-off-by: Mark Ackert <35308966+MarkAckert@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
Signed-off-by: MarkAckert <35308966+MarkAckert@users.noreply.github.com>
|
|
||
| * Scenario 1: Use a file-based (PKCS12) keystore with Zowe generated certificates | ||
| * Scenario 2: Use a file-based (PKCS12) keystore and import a certificate generated by another CA | ||
| * Scenario 3: Use a z/OS keyring-based keystore with Zowe generated certificates |
There was a problem hiding this comment.
In previous files, keyring was updated to key ring. Here it is again keyring. Should we unify it?
There was a problem hiding this comment.
What do you guys prefer? Maybe we should ask the TSC and add it to the Zowe style guide.
There was a problem hiding this comment.
I think we should use "key ring" outside code samples to align with IBM.
There was a problem hiding this comment.
I think we should use "key ring" outside code samples to align with IBM.
| - 12.34.56.78 | ||
| ``` | ||
| :::tip | ||
| To get the san IP address, run `ping dvipa.my-company.com` in your terminal. |
There was a problem hiding this comment.
In 9. is SAN used, here san.
| ------------------------------------------------------------------------------- | ||
| >> Generate Zowe certificate in keyring | ||
|
|
||
| >>>> Modify ZWEKRING |
There was a problem hiding this comment.
The JCL sample would be ZWEIKRR1 for RACF, ZWEIKRT1 for TSS or ZWEIKRA1 for ACF2.
Corrected formatting of bullet points for clarity. Signed-off-by: Martin Zeithaml <66114686+Martin-Zeithaml@users.noreply.github.com>
As part of the work we're doing in zowe/zowe-install-packaging#4238 and zowe/zowe-install-packaging#4652 for Zowe 3.5.0, we're refactoring documentation to lead users towards bringing their own certificates and key rings to Zowe, rather than leading them to running through our
init certificatetool. As part of this work, I took the opportunity to re-organize some of the certificate documentation with the following goals:Still to do: