From 71a6fe4223062e738c22cbe465f30aaf50ed6bef Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 24 May 2022 17:43:30 -0400 Subject: [PATCH] Updated spacing on a step --- .../installation/resources/update-rancher-cert/_index.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/content/rancher/v2.0-v2.4/en/installation/resources/update-rancher-cert/_index.md b/content/rancher/v2.0-v2.4/en/installation/resources/update-rancher-cert/_index.md index 4147cdd5aa2..0781b1454eb 100644 --- a/content/rancher/v2.0-v2.4/en/installation/resources/update-rancher-cert/_index.md +++ b/content/rancher/v2.0-v2.4/en/installation/resources/update-rancher-cert/_index.md @@ -263,8 +263,6 @@ This section covers three methods to reconfigure Rancher agents to trust the pri - Rancher was initially configured to use the Rancher self-signed certificate (`ingress.tls.source=rancher`) or with a Let's Encrypt issued certificate (`ingress.tls.source=letsEncrypt`) - The root CA certificate for the new custom certificate has changed ->**CHANGE:** `CATTLE_CA_CHECKSUM` environment variable on the downstream cluster agents should be removed or set to "" (an empty string). - ### Why is this step required? When Rancher is configured with a certificate signed by a private CA, the CA certificate chain is downloaded into Rancher agent containers. Agents compare the checksum of the downloaded certificate against the `CATTLE_CA_CHECKSUM` environment variable. This means that, when the private CA certificate is changed on Rancher server side, the environvment variable `CATTLE_CA_CHECKSUM` must be updated accordingly. @@ -311,4 +309,8 @@ With this method you are recreating the Rancher agents by running a set of comma First, generate the agent definitions as described here: https://gist.github.com/superseb/076f20146e012f1d4e289f5bd1bd4971 Then, connect to a controlplane node of the downstream cluster via SSH, create a Kubeconfig and apply the definitions: -https://gist.github.com/superseb/b14ed3b5535f621ad3d2aa6a4cd6443b \ No newline at end of file +https://gist.github.com/superseb/b14ed3b5535f621ad3d2aa6a4cd6443b + +>**CHANGE:** +> +>`CATTLE_CA_CHECKSUM` environment variable on the downstream cluster agents should be removed or set to "" (an empty string). \ No newline at end of file