Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Each {PVE} cluster creates its own (self-signed) Certificate Authority (CA) and
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Each {PVE} cluster creates its own (self-signed) Certificate Authority (CA) and
-generates a certificate for each node and signs it by the previously created CA.
-These certificates are used
-for encrypted communication with the cluster's pveproxy service and the
-Shell/Console feature if SPICE is used.
+generates a certificate for each node which gets signed by the aforementioned
+CA. These certificates are used for encrypted communication with the cluster's
+`pveproxy` service and the Shell/Console feature if SPICE is used.
The CA certificate and key are stored in the xref:chapter_pmxcfs[Proxmox Cluster File System (pmxcfs)].
The CA certificate and key are stored in the xref:chapter_pmxcfs[Proxmox Cluster File System (pmxcfs)].