From 4ce975bb361577e58dc78f451bf49d3c0f1f762c Mon Sep 17 00:00:00 2001 From: Adam Greene Date: Tue, 5 Jul 2016 13:14:29 -0700 Subject: [PATCH] Update aws-ec2.html.md clarify, and make more explicit, the language around the default AWS public certificate --- website/source/docs/auth/aws-ec2.html.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/website/source/docs/auth/aws-ec2.html.md b/website/source/docs/auth/aws-ec2.html.md index 25879893d9..2e8492596e 100644 --- a/website/source/docs/auth/aws-ec2.html.md +++ b/website/source/docs/auth/aws-ec2.html.md @@ -242,10 +242,11 @@ endpoints. ### Varying Public Certificates -The AWS public certificate which contains the public key used to verify the -PKCS#7 signature varies for groups of regions. The default public certificate -provided with the backend is applicable for many regions. Instances whose PKCS#7 -signatures cannot be verified by the default public certificate, can register a +The AWS public certificate, which contains the public key used to verify the +PKCS#7 signature, varies for different AWS regions. The primary AWS public +certificate, which covers most AWS regions, is already included in Vault and +does not need to be added. Instances whose PKCS#7 signatures cannot be +verified by the default public certificate included in Vault, can register a different public certificate which can be found [here] (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-identity-documents.html), via the `auth/aws-ec2/config/certificate/` endpoint.