From cb178d97fcffa5ea193eeb63b5e9e7adb8813142 Mon Sep 17 00:00:00 2001
From: Thomas Spear <tspear@conquestcyber.com>
Date: Tue, 7 Nov 2023 11:19:20 -0600
Subject: [PATCH] Clarify that it is the webhook, not the CA Injector, which
 creates the secret with the webhook's root CA certificate

Signed-off-by: Thomas Spear <tspear@conquestcyber.com>
---
 content/docs/concepts/webhook.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/docs/concepts/webhook.md b/content/docs/concepts/webhook.md
index 884e92d7c81..05345edf438 100644
--- a/content/docs/concepts/webhook.md
+++ b/content/docs/concepts/webhook.md
@@ -35,7 +35,7 @@ cert-manager controller and CA injector components.
 In order for the API server to communicate with the webhook component, the
 webhook requires a TLS certificate that the apiserver is configured to trust.
 
-The [`cainjector`](./ca-injector.md) creates `secret/cert-manager-webhook-ca`, a self-signed root CA certificate which is used to sign certificates for the webhook pod.
+The webhook creates `secret/cert-manager-webhook-ca` in the namespace where the webhook is deployed. This secret contains a self-signed root CA certificate which is used to sign certificates for the webhook pod in order to fulfill this requirement.
 
 Then the webhook can be configured with either