https access update

Update documentation regarding enabling HTTPS access. Story: 2009811 Task: 50152 Change-Id: Iee85553a3bb794f645cf0e3233c6adc85ea172d8 Signed-off-by: Elisamara Aoki Goncalves <elisamaraaoki.goncalves@windriver.com>
2024-09-13 12:43:13 +00:00 · 2024-09-13 12:43:13 +00:00 · 6bf36c6a6e
commit 6bf36c6a6e
parent 8af10d5203
1 changed files with 8 additions and 47 deletions
--- a/doc/source/security/kubernetes/enable-https-access-for-starlingx-rest-and-web-server-endpoints.rst
+++ b/doc/source/security/kubernetes/enable-https-access-for-starlingx-rest-and-web-server-endpoints.rst
@ -2,9 +2,9 @@
 .. byh1570029392020
 .. _enable-https-access-for-starlingx-rest-and-web-server-endpoints:

-===============================================================
-Enable HTTPS Access for StarlingX REST and Web Server Endpoints
-===============================================================
+========================================================
+HTTPS Access for StarlingX REST and Web Server Endpoints
+========================================================

 When secure HTTPS connectivity is enabled, HTTP is disabled.

@ -22,53 +22,14 @@ When secure HTTPS connectivity is enabled, HTTP is disabled.

    -   You must change the port portion of the Horizon Web interface URL.

-        For HTTP, use http:<oam-floating-ip-address>:8080
-
        For HTTPS, use https:<oam-floating-ip-address>:8443

    -   You must logout and re-login into Horizon for the HTTPS Access
        changes to be displayed accurately in Horizon.


-.. rubric:: |proc|
-
-   To enable HTTPS for StarlingX REST and Web Server endpoints:
-
-    .. code-block:: none
-
-        ~(keystone_admin)]$ system modify --https_enabled true
-
-   To disable HTTPS for StarlingX REST and Web Server endpoints:
-
-    .. code-block:: none
-
-        ~(keystone_admin)]$ system modify --https_enabled false
-
-   Use the following command to display HTTPS settings:
-
-    .. code-block:: none
-
-        [sysadmin@controller-0 ~(keystone_admin)]$ system show
-        +----------------------+--------------------------------------+
-        | Property             | Value                                |
-        --------------------------------------------------------------+
-        | contact              | None                                 |
-        | created_at           | 2020-02-27T15:47:23.102735+00:00     |
-        | description          | None                                 |
-        | https_enabled        | False                                |
-        | location             | None                                 |
-        | name                 | 468f57ef-34c1-4e00-bba0-fa1b3f134b2b |
-        | region_name          | RegionOne                            |
-        | sdn_enabled          | False                                |
-        | security_feature     | spectre_meltdown_v1                  |
-        | service_project_name | services                             |
-        | software_version     | nn.nn                                |
-        | system_mode          | duplex                               |
-        | system_type          | Standard                             |
-        | timezone             | Canada/Eastern                       |
-        | updated_at           | 2020-02-28T10:56:24.297774+00:00     |
-        | uuid                 | c0e35924-e139-4dfc-945d-47f9a663d710 |
-        | vswitch_type         | none                                 |
-        +----------------------+--------------------------------------+
-
-
+Moving forward, the system will be have HTTPS enabled by default, as the REST
+API & Web Server certificate will be issued from bootstrap using the Platform
+Issuer (``system-local-ca``). This certificate will be renewed by cert-manager,
+and can be updated using procedure in
+:ref:`migrate-platform-certificates-to-use-cert-manager-c0b1727e4e5d`.