Merge pull request #1340 from tspearconquest/concepts_webhook_update

Clarify that it is the webhook, not the CA Injector, which creates the secret with the webhook's root CA certificate
cert-manager · Nov 8, 2023 · 8ef1fa3 · 8ef1fa3
2 parents ae502c7 + cb178d9
commit 8ef1fa3
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/content/docs/concepts/webhook.md b/content/docs/concepts/webhook.md
@@ -35,7 +35,7 @@ cert-manager controller and CA injector components.
 In order for the API server to communicate with the webhook component, the
 webhook requires a TLS certificate that the apiserver is configured to trust.
 
-The [`cainjector`](./ca-injector.md) creates `secret/cert-manager-webhook-ca`, a self-signed root CA certificate which is used to sign certificates for the webhook pod.
+The webhook creates `secret/cert-manager-webhook-ca` in the namespace where the webhook is deployed. This secret contains a self-signed root CA certificate which is used to sign certificates for the webhook pod in order to fulfill this requirement.
 
 Then the webhook can be configured with either