You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2022/03/21 01:39:54 UTC

[GitHub] [pulsar] Anonymitaet commented on a change in pull request #14763: [Docs] Add instructions for configuring CA on macOS

Anonymitaet commented on a change in pull request #14763:
URL: https://github.com/apache/pulsar/pull/14763#discussion_r830709507



##########
File path: site2/docs/security-tls-transport.md
##########
@@ -57,13 +57,26 @@ chmod 700 private/
 touch index.txt
 echo 1000 > serial
 openssl genrsa -aes256 -out private/ca.key.pem 4096
+# You need enter a password in the command above
 chmod 400 private/ca.key.pem
 openssl req -config openssl.cnf -key private/ca.key.pem \
     -new -x509 -days 7300 -sha256 -extensions v3_ca \
     -out certs/ca.cert.pem
+# You must enter the same password in the previous openssl command
 chmod 444 certs/ca.cert.pem
 ```
 
+> **Tips**
+>
+> The default `openssl` on macOS doesn't work for commands above. You must upgrade the `openssl` via Homebrew:
+>
+> ```bash
+> brew install openssl
+> export PATH="/usr/local/Cellar/openssl@3/3.0.1/bin:$PATH"
+> ```
+>
+> The version `3.0.1` might change in future, please use the actual path from the output of `brew install` command.

Review comment:
       ```suggestion
   > The version `3.0.1` might change in the future. Use the actual path from the output of `brew install` command.
   ```
   Do not use please and thank you in technical information. Technical information requires an authoritative tone. Terms of politeness are superfluous, convey the wrong tone for technical material, and are not regarded the same way in all cultures. In marketing information, terms of politeness might be appropriate. Use the imperative mood in the first sentence of each step.
   https://docs.google.com/document/d/1lc5j4RtuLIzlEYCBo97AC8-U_3Erzs_lxpkDuseU0n4/edit#bookmark=id.x24xr2yx9b9t

##########
File path: site2/docs/security-tls-transport.md
##########
@@ -57,13 +57,26 @@ chmod 700 private/
 touch index.txt
 echo 1000 > serial
 openssl genrsa -aes256 -out private/ca.key.pem 4096
+# You need enter a password in the command above
 chmod 400 private/ca.key.pem
 openssl req -config openssl.cnf -key private/ca.key.pem \
     -new -x509 -days 7300 -sha256 -extensions v3_ca \
     -out certs/ca.cert.pem
+# You must enter the same password in the previous openssl command
 chmod 444 certs/ca.cert.pem
 ```
 
+> **Tips**
+>
+> The default `openssl` on macOS doesn't work for commands above. You must upgrade the `openssl` via Homebrew:

Review comment:
       ```suggestion
   > The default `openssl` on macOS doesn't work for the commands above. You must upgrade the `openssl` via Homebrew:
   ```




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org