Browse code
Tweak the text a little
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
Sven Dowideit authored on 2015/02/12 11:26:50Showing 1 changed files
| ... | ... |
@@ -71,12 +71,11 @@ name) matches the hostname you will use to connect to Docker: |
| 71 | 71 |
|
| 72 | 72 |
Next, we're going to sign the public key with our CA: |
| 73 | 73 |
|
| 74 |
-Since tls connections can be made via IP address as well as dns name, |
|
| 75 |
-this extension allows for your client to connect via IP address. You will |
|
| 76 |
-need to replace $YOUR_IP_ADDRESS with your IP address. If there |
|
| 77 |
-is more than one simply continue to add them separated by commas. |
|
| 74 |
+Since TLS connections can be made via IP address as well as DNS name, they need |
|
| 75 |
+to be specified when creating the certificate. For example, to allow connections |
|
| 76 |
+using `10.10.10.20` and `127.0.0.1`: |
|
| 78 | 77 |
|
| 79 |
- $ echo subjectAltName = IP:$YOUR_PUBLIC_IP > extfile.cnf |
|
| 78 |
+ $ echo subjectAltName = IP:10.10.10.20,IP:127.0.0.1 > extfile.cnf |
|
| 80 | 79 |
|
| 81 | 80 |
$ openssl x509 -req -days 365 -in server.csr -CA ca.pem -CAkey ca-key.pem \ |
| 82 | 81 |
-CAcreateserial -out server-cert.pem -extfile extfile.cnf |