I would propose to split it up into two sections, one for servers and one for clients.
This would make it more readable, and avoid confusion on which steps are (or are not?) needed on the client?
## Servers
- set up certificates
- enable TLS on management traffic using /var/lib/glusterd/secure-access
- enable TLS on a volume
- enable client.ssl
- enable server.ssl
## Clients
- set up certificates
- enable TLS on management traffic using /var/lib/glusterd/secure-access
- IO traffic
## TLS-related configuration on volumes
- auth.tls-allow
- ssl.certificate-depth on a volume
- ssl.cipher-list on a volume
If desired, I can come up with a PR.
This is slightly related to #754, where the value inside /var/lib/glusterd/secure-access apparently can be different on servers and clients.
I find the current structure of the Administrator Guide for SSL somewhat confusing.
I would propose to split it up into two sections, one for servers and one for clients.
This would make it more readable, and avoid confusion on which steps are (or are not?) needed on the client?
If desired, I can come up with a PR.
This is slightly related to #754, where the value inside
/var/lib/glusterd/secure-accessapparently can be different on servers and clients.