mTLS-readme added with configuration steps

intelops · May 20, 2024 · 79f04b0 · 79f04b0
1 parent bcdeda6
commit 79f04b0
Showing 1 changed file with 12 additions and 10 deletions.
diff --git a/docs/CONFIGURATION_MTLS.md b/docs/CONFIGURATION_MTLS.md
@@ -1,7 +1,8 @@
 # Configuring mTLS: Guidelines and Instructions
 
-**Step-1:** Create a ca-config.cnf file
+**Step-1: Create a ca-config.cnf file**
 
+```$xslt
 [ req ]
 
 default_bits        = 2048
@@ -49,8 +50,9 @@ DNS.1 = kubviz-client-nats
 DNS.2 = kubviz-client
 
 DNS.3 = kubviz-agent
+```
 
-**Step-2:** Create ca-cert.pem
+**Step-2: Create ca-cert.pem**
 
 ```bash
 openssl genrsa -out ca-key.pem 4096
@@ -60,7 +62,7 @@ openssl genrsa -out ca-key.pem 4096
 openssl req -new -x509 -days 365 -key ca-key.pem -out ca-cert.pem -subj "/C=IN/ST=Tamil Nadu/L=Chennai/O=Kubviz/CN=KubvizCA"
 ```
 
-**Step-3:** Create the Server Certificate
+**Step-3: Create the Server Certificate**
 
 ```bash
 openssl genrsa -out server-key.pem 4096
@@ -74,7 +76,7 @@ openssl req -new -key server-key.pem -out server-csr.pem -subj "/C=IN/ST=Tamil N
 openssl x509 -req -days 365 -in server-csr.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem -extfile ca-config.cnf -extensions v3_ca
 ```
 
-**Step-4:** Create the Client Certificate
+**Step-4: Create the Client Certificate**
 
 ```bash
 openssl genrsa -out client-key.pem 4096
@@ -88,7 +90,7 @@ openssl req -new -key client-key.pem -out client-csr.pem -subj "/C=IN/ST=Tamil N
 openssl x509 -req -days 365 -in client-csr.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 02 -out client-cert.pem -extfile ca-config.cnf -extensions v3_ca
 ```
 
-**step-5:** Create the agent certificate
+**step-5: Create the agent certificate**
 
 ```bash
 openssl genrsa -out agent-key.pem 4096
@@ -101,7 +103,7 @@ openssl req -new -key agent-key.pem -out agent-csr.pem -subj "/C=IN/ST=Tamil Nad
 ```bash
 openssl x509 -req -days 365 -in agent-csr.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 02 -out agent-cert.pem -extfile ca-config.cnf -extensions v3_ca
 ```
-**step-6:** Create secrets
+**step-6: Create secrets**
 
 ```bash
 kubectl create secret generic kubviz-client-ca-cert --from-file=client-cert.pem --from-file=client-key.pem --from-file=ca-cert.pem -n kubviz
@@ -115,9 +117,9 @@ kubectl create secret generic kubviz-agent-ca-cert --from-file=agent-cert.pem --
 kubectl create secret generic kubviz-server-ca-cert --from-file=server-cert.pem --from-file=server-key.pem --from-file=ca-cert.pem -n kubviz
 ```
 
-#### if you want to enable mtls add the secret name in client/values.yaml also mtls.enabled:true
+#### if you want to enable mtls add the secret name in client/values.yaml also mtls.enabled: true
 
-**Step-7:** Add the secret name in client/value.yaml
+**Step-7: Add the secret name in client/value.yaml**
 
 Below is the nats configuration
 
@@ -133,7 +135,7 @@ tls:
 ...
 ```
 
-**Step-8:** Add the secret name in client/value.yaml
+**Step-8: Add the secret name in client/value.yaml**
 
 ```yaml
 mtls:
@@ -143,7 +145,7 @@ mtls:
 ...
 ```
 
-**Step-9:** Add the secret name in agent/value.yaml
+**Step-9: Add the secret name in agent/value.yaml**
 
 ```yaml
 mtls: