diff --git a/docs/installation/acme/Installing-ACME-Responder-using-pkispawn.adoc b/docs/installation/acme/Installing-ACME-Responder-using-pkispawn.adoc index 68a587150d2..60abfc2d053 100644 --- a/docs/installation/acme/Installing-ACME-Responder-using-pkispawn.adoc +++ b/docs/installation/acme/Installing-ACME-Responder-using-pkispawn.adoc @@ -76,7 +76,7 @@ $ pkispawn \ -D acme_realm_url=ldap://ds.example.com:3389 ---- -The configuration files will be available in `/var/lib/pki/pki-tomcat/conf/acme` folder. +The configuration files are available in `/var/lib/pki/pki-tomcat/conf/acme` folder. See also link:../../admin/acme/Configuring-ACME-Responder.adoc[Configuring ACME Responder]. diff --git a/docs/installation/ca/Installing_CA.adoc b/docs/installation/ca/Installing_CA.adoc index bf292856cec..33806c2d648 100644 --- a/docs/installation/ca/Installing_CA.adoc +++ b/docs/installation/ca/Installing_CA.adoc @@ -17,7 +17,7 @@ To start the installation execute the following command: $ pkispawn -f ca.cfg -s CA .... == CA System Certificates -After installation, the CA system certificates and keys will be stored +After installation, the CA system certificates and keys are stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`): [literal,subs="+quotes,verbatim"] @@ -53,7 +53,7 @@ For simplicity the nicknames in this example are configured to be the same as th == Admin Certificate -After installation the admin certificate and key will be stored in `~/.dogtag/pki-tomcat/ca_admin_cert.p12`. +After installation the admin certificate and key are stored in `~/.dogtag/pki-tomcat/ca_admin_cert.p12`. The PKCS #12 password is specified in the `pki_client_pkcs12_password` parameter. To use the admin certificate, prepare a client NSS database (default is `~/.dogtag/nssdb`): diff --git a/docs/installation/ca/Installing_CA_Clone.adoc b/docs/installation/ca/Installing_CA_Clone.adoc index 86d51512527..01e7f6bd6c6 100644 --- a/docs/installation/ca/Installing_CA_Clone.adoc +++ b/docs/installation/ca/Installing_CA_Clone.adoc @@ -105,8 +105,8 @@ $ pkispawn -f ca-clone.cfg -s CA == CA System Certificates After installation the existing CA system certificates (including the certificate chain) -and their keys will be stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), -and a new SSL server certificate will be created for the new instance: +and their keys are stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), +and a new SSL server certificate is created for the new instance: [literal,subs="+quotes,verbatim"] .... diff --git a/docs/installation/ca/Installing_CA_Clone_with_Secure_Database_Connection.adoc b/docs/installation/ca/Installing_CA_Clone_with_Secure_Database_Connection.adoc index a3468d738c0..f00cf00f9cf 100644 --- a/docs/installation/ca/Installing_CA_Clone_with_Secure_Database_Connection.adoc +++ b/docs/installation/ca/Installing_CA_Clone_with_Secure_Database_Connection.adoc @@ -106,8 +106,8 @@ $ pkispawn -f ca-secure-ds-secondary.cfg -s CA == CA System Certificates After installation the existing CA system certificates (including the certificate chain) -and their keys will be stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), -and a new SSL server certificate will be created for the new instance: +and their keys are stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), +and a new SSL server certificate is created for the new instance: [literal,subs="+quotes,verbatim"] .... diff --git a/docs/installation/ca/Installing_CA_with_ECC.adoc b/docs/installation/ca/Installing_CA_with_ECC.adoc index cd5289f917e..9ab13c461dc 100644 --- a/docs/installation/ca/Installing_CA_with_ECC.adoc +++ b/docs/installation/ca/Installing_CA_with_ECC.adoc @@ -32,7 +32,7 @@ $ pkispawn -f ca-ecc.cfg -s CA == CA System Certificates -After installation the CA system certificates and keys will be stored +After installation the CA system certificates and keys are stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`): [literal,subs="+quotes,verbatim"] @@ -69,7 +69,7 @@ For simplicity the nicknames in this example are configured to be the same as th == Admin Certificate -After installation the admin certificate and key will be stored +After installation the admin certificate and key are stored in `~/.dogtag/pki-tomcat/ca_admin_cert.p12`. The PKCS #12 password is specified in the `pki_client_pkcs12_password` parameter. diff --git a/docs/installation/ca/Installing_CA_with_HSM.adoc b/docs/installation/ca/Installing_CA_with_HSM.adoc index a503a71b2a1..be5d747ba43 100644 --- a/docs/installation/ca/Installing_CA_with_HSM.adoc +++ b/docs/installation/ca/Installing_CA_with_HSM.adoc @@ -1,7 +1,7 @@ = Installing CA with HSM Follow this process to install a CA subsystem with a self-signed CA signing certificate -where the system certificates and their keys will be stored in HSM. +where the system certificates and their keys are stored in HSM. Prior to installation, please ensure that the link:../others/Installation_Prerequisites.adoc[Installation Prerequisites] are configured. diff --git a/docs/installation/ca/Installing_CA_with_Secure_Database_Connection.adoc b/docs/installation/ca/Installing_CA_with_Secure_Database_Connection.adoc index d5a9a1fdb02..9bba310eac3 100644 --- a/docs/installation/ca/Installing_CA_with_Secure_Database_Connection.adoc +++ b/docs/installation/ca/Installing_CA_with_Secure_Database_Connection.adoc @@ -24,9 +24,9 @@ $ pkispawn -f ca-secure-ds.cfg -s CA .... == CA System Certificates -After installation the CA system certificates with their keys will be +After installation the CA system certificates with their keys are generated and stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), -and the DS signing certificate will be imported into the same NSS database: +and the DS signing certificate is imported into the same NSS database: [literal,subs="+quotes,verbatim"] .... @@ -81,7 +81,7 @@ $ pki-server ca-db-config-show .... == Admin Certificate -After installation the admin certificate and key will be stored +After installation the admin certificate and key are stored in `~/.dogtag/pki-tomcat/ca_admin_cert.p12`. The PKCS #12 password is specified in the `pki_client_pkcs12_password` parameter. diff --git a/docs/installation/est/Installing-EST-pkispawn.adoc b/docs/installation/est/Installing-EST-pkispawn.adoc index 2dff4921a3a..5ad85d48e58 100644 --- a/docs/installation/est/Installing-EST-pkispawn.adoc +++ b/docs/installation/est/Installing-EST-pkispawn.adoc @@ -74,7 +74,7 @@ user has the role _estclient_. The `est_realm_*` options allow one to customize the realm. Possible types are: ds, postgresql and in-memory. -As an example, to install EST with PostgreSQL the command will be: +As an example, to install EST with PostgreSQL the command is: ---- # pkispawn \ @@ -173,7 +173,7 @@ Using the generated PKCS#12 bundle, the command to deploy EST is: === Installation on separate instance without certificates If the PKCS#12 bundle certificates are not provided to `pkispawn`, -during the installation, the EST server cert will be issued +during the installation, the EST server cert is issued automatically using the profile configured for EST. The connection with the CA uses the credentials (_username/password_) provided in the configuration file. In such a case the CA signing certificate is diff --git a/docs/installation/est/Installing-EST.adoc b/docs/installation/est/Installing-EST.adoc index b35c7f30f4c..9777780bc72 100644 --- a/docs/installation/est/Installing-EST.adoc +++ b/docs/installation/est/Installing-EST.adoc @@ -110,7 +110,7 @@ $ curl --cacert ./ca_signing.crt https://:/.well-known/ Replace `$EST_HOSTNAME` and `$EST_PORT` with the hostname and port of the *EST subsystem*, respectively. -If successful, the server CA certificate chain will be printed on +If successful, the server CA certificate chain is printed on standard output and the command will exit with status 0 (success). diff --git a/docs/installation/kra/Installing_KRA_Clone.adoc b/docs/installation/kra/Installing_KRA_Clone.adoc index 587c43767c0..ba446a9eba8 100644 --- a/docs/installation/kra/Installing_KRA_Clone.adoc +++ b/docs/installation/kra/Installing_KRA_Clone.adoc @@ -58,8 +58,8 @@ $ pkispawn -f kra-clone.cfg -s KRA == KRA System Certificates After installation the existing KRA system certificates (including the certificate chain) -and their keys will be stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), -and a new SSL server certificate will be created for the new instance: +and their keys are stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), +and a new SSL server certificate is created for the new instance: [literal,subs="+quotes,verbatim"] .... diff --git a/docs/installation/kra/Installing_KRA_with_HSM.adoc b/docs/installation/kra/Installing_KRA_with_HSM.adoc index fd06888b830..5c41ddf5fdc 100644 --- a/docs/installation/kra/Installing_KRA_with_HSM.adoc +++ b/docs/installation/kra/Installing_KRA_with_HSM.adoc @@ -2,7 +2,7 @@ Follow this process to install a KRA subsystem -where the system certificates and their keys will be stored in HSM. +where the system certificates and their keys are stored in HSM. Prior to installation, please ensure that the link:../others/Installation_Prerequisites.adoc[Installation Prerequisites] are configured. diff --git a/docs/installation/kra/Installing_Standalone_KRA.adoc b/docs/installation/kra/Installing_Standalone_KRA.adoc index a15998ccc1a..165beaa069b 100644 --- a/docs/installation/kra/Installing_Standalone_KRA.adoc +++ b/docs/installation/kra/Installing_Standalone_KRA.adoc @@ -3,7 +3,7 @@ Follow this process to install a standalone KRA subsystem. In link:Installing_KRA.md[regular KRA installation] the KRA certificates are issued automatically by the CA and the KRA will join the CA's security domain. -In standalone KRA installation, the KRA certificates will be issued manually and the KRA have its own security domain. +In standalone KRA installation, the KRA certificates are issued manually and the KRA have its own security domain. The installation process consists multiple steps: diff --git a/docs/installation/ocsp/Installing_OCSP_Clone.adoc b/docs/installation/ocsp/Installing_OCSP_Clone.adoc index 9ecd7664296..cfe80e7464e 100644 --- a/docs/installation/ocsp/Installing_OCSP_Clone.adoc +++ b/docs/installation/ocsp/Installing_OCSP_Clone.adoc @@ -57,8 +57,8 @@ $ pkispawn -f ocsp-clone.cfg -s OCSP == OCSP System Certificates After installation the existing OCSP system certificates (including the certificate chain) -and their keys will be stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), -and a new SSL server certificate will be created for the new instance: +and their keys are stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), +and a new SSL server certificate is created for the new instance: [literal,subs="+quotes,verbatim"] .... diff --git a/docs/installation/ocsp/Installing_OCSP_with_HSM.adoc b/docs/installation/ocsp/Installing_OCSP_with_HSM.adoc index 9a69a1d6b83..f00bea15f68 100644 --- a/docs/installation/ocsp/Installing_OCSP_with_HSM.adoc +++ b/docs/installation/ocsp/Installing_OCSP_with_HSM.adoc @@ -1,7 +1,7 @@ = Installing OCSP with HSM Follow this process to install an OCSP subsystem -where the system certificates and their keys will be stored in HSM. +where the system certificates and their keys are stored in HSM. Prior to installation, please ensure that the link:../others/Installation_Prerequisites.adoc[Installation Prerequisites] are configured. diff --git a/docs/installation/ocsp/Installing_Standalone_OCSP.adoc b/docs/installation/ocsp/Installing_Standalone_OCSP.adoc index 25291d91e6c..4c47b06224f 100644 --- a/docs/installation/ocsp/Installing_Standalone_OCSP.adoc +++ b/docs/installation/ocsp/Installing_Standalone_OCSP.adoc @@ -3,7 +3,7 @@ Follow this process to install a standalone OCSP subsystem. In link:Installing_OCSP.adoc[regular OCSP installation] the OCSP certificates are issued automatically by the CA and the OCSP will join the CA's security domain. -In standalone OCSP installation, the OCSP certificates will be issued manually and the OCSP have its own security domain. +In standalone OCSP installation, the OCSP certificates are issued manually and the OCSP have its own security domain. The installation process consists multiple steps: diff --git a/docs/installation/others/Creating_DS_instance.adoc b/docs/installation/others/Creating_DS_instance.adoc index 842acd7aa83..5925d79ceac 100644 --- a/docs/installation/others/Creating_DS_instance.adoc +++ b/docs/installation/others/Creating_DS_instance.adoc @@ -7,7 +7,7 @@ Follow this process to prepare a local DS instance for PKI server. Normally the DS installation will automatically generate a self-signed signing certificate and a server certificate for SSL connection. -In this procedure the certificate generation and the SSL connection will be disabled by default, +In this procedure the certificate generation and the SSL connection is disabled by default, but it can be enabled after installation if necessary. == Creating a DS Instance @@ -59,7 +59,7 @@ dc: pki EOF ---- -The subtree for each PKI subsystem will be created when the subsystem is installed. See link:../others/PKI-LDAP-Tree.adoc[PKI LDAP Tree]. +The subtree for each PKI subsystem is created when the subsystem is installed. See link:../others/PKI-LDAP-Tree.adoc[PKI LDAP Tree]. == Enabling SSL Connection diff --git a/docs/installation/server/Installing_PKI_Server_with_Custom_NSS_Databases.adoc b/docs/installation/server/Installing_PKI_Server_with_Custom_NSS_Databases.adoc index 240228888e3..716efc515a6 100644 --- a/docs/installation/server/Installing_PKI_Server_with_Custom_NSS_Databases.adoc +++ b/docs/installation/server/Installing_PKI_Server_with_Custom_NSS_Databases.adoc @@ -3,7 +3,7 @@ Follow this process to create a PKI server with custom NSS databases. -Normally, when installing a PKI subsystem, for example CA, some NSS databases will be created by default: +Normally, when installing a PKI subsystem, for example CA, some NSS databases are created by default: * server NSS database: /var/lib/pki/pki-tomcat/conf/alias * admin NSS database: ~/.dogtag/pki-tomcat/ca/alias diff --git a/docs/installation/tks/Installing_TKS_Clone.adoc b/docs/installation/tks/Installing_TKS_Clone.adoc index 697095c9d7d..5c8330b5259 100644 --- a/docs/installation/tks/Installing_TKS_Clone.adoc +++ b/docs/installation/tks/Installing_TKS_Clone.adoc @@ -56,8 +56,8 @@ $ pkispawn -f tks-clone.cfg -s TKS == TKS System Certificates After installation the existing TKS system certificates (including the certificate chain) -and their keys will be stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), -and a new SSL server certificate will be created for the new instance: +and their keys are stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), +and a new SSL server certificate is created for the new instance: [literal,subs="+quotes,verbatim"] .... diff --git a/docs/installation/tks/Installing_TKS_with_HSM.adoc b/docs/installation/tks/Installing_TKS_with_HSM.adoc index d6ac4bf193f..9bab08d059c 100644 --- a/docs/installation/tks/Installing_TKS_with_HSM.adoc +++ b/docs/installation/tks/Installing_TKS_with_HSM.adoc @@ -2,7 +2,7 @@ Follow this process to install a TKS subsystem -where the system certificates and their keys will be stored in HSM. +where the system certificates and their keys are stored in HSM. Prior to installation, please ensure that the link:../others/Installation_Prerequisites.adoc[Installation Prerequisites] are configured. diff --git a/docs/installation/tps/Installing_TPS_Clone.adoc b/docs/installation/tps/Installing_TPS_Clone.adoc index 4fbde9018f0..de4b7cd0211 100644 --- a/docs/installation/tps/Installing_TPS_Clone.adoc +++ b/docs/installation/tps/Installing_TPS_Clone.adoc @@ -57,8 +57,8 @@ $ pkispawn -f tps-clone.cfg -s TPS == TPS System Certificates After installation the existing TPS system certificates (including the certificate chain) -and their keys will be stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), -and a new SSL server certificate will be created for the new instance: +and their keys are stored in the server NSS database (i.e. `/var/lib/pki/pki-tomcat/conf/alias`), +and a new SSL server certificate is created for the new instance: [literal,subs="+quotes,verbatim"] .... diff --git a/docs/installation/tps/Installing_TPS_with_HSM.adoc b/docs/installation/tps/Installing_TPS_with_HSM.adoc index cd462f16348..cea6e727001 100644 --- a/docs/installation/tps/Installing_TPS_with_HSM.adoc +++ b/docs/installation/tps/Installing_TPS_with_HSM.adoc @@ -2,7 +2,7 @@ Follow this process to install a TPS subsystem -where the system certificates and their keys will be stored in HSM. +where the system certificates and their keys are stored in HSM. Prior to installation, please ensure that the link:../others/Installation_Prerequisites.adoc[Installation Prerequisites] are configured.