
Commit

Fix ssl page (#116)
* Fix SSL docs

* Add gitignore
panyuenlau authored May 15, 2023
1 parent 0104434 commit 4f86538
Showing 2 changed files with 5 additions and 4 deletions.
1 change: 1 addition & 0 deletions .gitignore
@@ -0,0 +1 @@
.idea
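Review bot: the `.gitignore` addition is unrelated to the SSL documentation fix named in the commit title; putting it in its own commit keeps the history reviewable. The single `.idea` entry also only covers JetBrains project files, so confirm that is the only editor directory that needs ignoring in this repository.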
8 changes: 4 additions & 4 deletions docs/ssl.md
Expand Up @@ -20,7 +20,7 @@ The following example enables SSL and automatically generates the certificates:

{{< include-code "enable-ssl.sample" "yaml" >}}

If `sslSecrets.create` is `false`, the operator will look for the secret at `sslSecrets.tlsSecretName` and expect these values:
If `sslSecrets.create` is `false`, the operator will look for the secret at `sslSecrets.tlsSecretName` in the same namespace of the **KafkaCluster** custom resource and expect these values:

| Key | Value |
|:------------:|:-------------------|
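Review bot: the new wording on the second line of the hunk reads "in the same namespace of the **KafkaCluster** custom resource"; the idiomatic phrasing is "in the same namespace as the **KafkaCluster** custom resource". The added namespace constraint itself is a useful clarification, since a secret referenced by `sslSecrets.tlsSecretName` from a different namespace would not be found by the operator.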
Expand All @@ -31,9 +31,9 @@ If `sslSecrets.create` is `false`, the operator will look for the secret at `ssl

### Listeners not used for internal broker and controller communication

In [this **KafkaCluster** custom resource](https://github.com/banzaicloud/koperator/blob/master/config/samples/kafkacluster_with_ssl_hybrid_customcert.yaml), SSL is enabled for all listeners, and certificates are automatically generated for "internal" and "controller" listeners. The "external" and "internal" listeners will use the user-provided certificates. The **serverSSLCertSecret** key is a reference to the Kubernetes secret that contains the server certificate for the listener to be used for SSL communication.
In [this **KafkaCluster** custom resource](https://github.com/banzaicloud/koperator/blob/master/config/samples/kafkacluster_with_ssl_hybrid_customcert.yaml), SSL is enabled for all listeners, and certificates are automatically generated for "inner" and "controller" listeners. The "external" and "internal" listeners will use the user-provided certificates. The **serverSSLCertSecret** key is a reference to the Kubernetes secret that contains the server certificate for the listener to be used for SSL communication.

In the server secret the following keys must be set:
In the server secret, the following keys must be set:

| Key | Value |
|:----------------:|:------------------------------------------|
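Review bot: changing "internal" to "inner" in the list of auto-generated listeners removes the contradiction with the following sentence, which says the "external" and "internal" listeners use user-provided certificates, but the listener names should be checked against the linked `kafkacluster_with_ssl_hybrid_customcert.yaml` sample so the docs match the names actually used in that resource.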
Expand All @@ -45,7 +45,7 @@ The certificates in the listener configuration must be in JKS format.

### Listeners used for internal broker or controller communication

In [this **KafkaCluster** custom resource](https://github.com/banzaicloud/koperator/blob/master/config/samples/kafkacluster_with_ssl_groups_customcert.yaml), SSL is enabled for all listeners, and user-provided certificates are used. In that case, when a custom certificate is used for a listener which is used for internal broker or controller communication, you must also specify the client certificate. The client certificate will be used by {{< kafka-operator >}}, Cruise Control, Cruise Control Metrics Reporter to communicate on SSL. The **clientSSLCertSecret** key is a reference to the Kubernetes secret where the custom client SSL certificate can be provided. The client certificate must be signed by the same CA authority as the server certificate for the corresponding listener. The **clientSSLCertSecret** has to be in the **KafkaCluster** custom resource spec field.
In [this **KafkaCluster** custom resource](https://github.com/banzaicloud/koperator/blob/master/config/samples/kafkacluster_with_ssl_groups_customcert.yaml), SSL is enabled for all listeners, and user-provided server certificates. In that case, when a custom certificate is used for a listener which is used for internal broker or controller communication, you must also specify the client certificate. The client certificate will be used by {{< kafka-operator >}}, Cruise Control, Cruise Control Metrics Reporter to communicate on SSL. The **clientSSLCertSecret** key is a reference to the Kubernetes secret where the custom client SSL certificate can be provided. The client certificate must be signed by the same CA authority as the server certificate for the corresponding listener. The **clientSSLCertSecret** has to be in the **KafkaCluster** custom resource spec field.
The client secret must contain the keystore and truststore JKS files and the password for them in base64 encoded format.

In the server secret the following keys must be set:
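Review bot: the edited sentence in this hunk drops its verb and now reads "SSL is enabled for all listeners, and user-provided server certificates."; it should read "and user-provided server certificates are used". The unchanged context line "In the server secret the following keys must be set:" directly follows the paragraph describing the client secret, so check whether it should say "client secret" while this file is being touched.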
