From ceb1f70113ec635b79f8e947d8dd4f3dd8196006 Mon Sep 17 00:00:00 2001 From: Trekkie <111065900+TrekkieCoder@users.noreply.github.com> Date: Tue, 5 Nov 2024 21:27:44 +0900 Subject: [PATCH] Update https.md --- docs/https.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/https.md b/docs/https.md index 8bea970d..2b057597 100644 --- a/docs/https.md +++ b/docs/https.md @@ -1,7 +1,7 @@ # HTTPS guide for loxilb API -By default loxilb uses plain http for its API operation. Please refere to the arch [guide](https://docs.loxilb.io/latest/kube-loxilb/#overall-topology) for more info. This guide will detail the steps needed to enable https in both loxilb (server-mode) and kube-loxilb (client-mode). For enabling https, we need to have proper certificate and keys in place. We will use popular tool [mkcert](https://github.com/FiloSottile/mkcert) to configure locally-trusted development certificates. One could also use tools like [letsencrypt](https://letsencrypt.org) for production grade certificates. Nonetheless, overall process is the same. +By default loxilb uses plain http for its API operation. Please refer to the arch [guide](https://docs.loxilb.io/latest/kube-loxilb/#overall-topology) for more info. This guide will detail the steps needed to enable https in both loxilb (server-mode) and kube-loxilb (client-mode). For enabling https, we need to have proper certificate and keys in place. We will use popular tool [mkcert](https://github.com/FiloSottile/mkcert) to configure locally-trusted development certificates. One could also use tools like [letsencrypt](https://letsencrypt.org) for production grade certificates. Nonetheless, overall process is the same. ## Generate the certificates 
@@ -11,7 +11,7 @@ cd cert wget https://github.com/FiloSottile/mkcert/releases/download/v1.4.3/mkcert-v1.4.3-linux-amd64 chmod +x mkcert-v1.4.3-linux-amd64 mv mkcert-v1.4.3-linux-amd64 mkcert -mkdir loxilb.io +mkdir loxilb export CAROOT=`pwd`/loxilb ./mkcert -install ./mkcert 192.168.80.9 @@ -30,7 +30,9 @@ To run loxilb, we can simply mount the cert directory created earlier into appro ``` docker run -u root --cap-add SYS_ADMIN --restart unless-stopped --privileged -dit -v /dev/log:/dev/log -v `pwd`/cert:/opt/loxilb/cert/ --net=host --name loxilb ghcr.io/loxilb-io/loxilb:latest --tls ``` -The http only api channel is still available at this point. We can restrict its availability only inside the pod by adding the argument ```--host=127.0.0.1```. If loxilb is running in-cluster, we can use volume mounts to the loxilb pod. The volume mount option is similar to what will be used for kube-loxilb as explained below. +The http only api channel is still available at this point outside the pod. We can restrict its availability only inside the pod by adding the argument ```--host=127.0.0.1```. + +If loxilb is running in-cluster, we can use volume mounts to the loxilb pod to have the same effect as explained. The volume mount option is similar to what will be used for kube-loxilb as explained below. ## Run kube-loxilb with updated rootCA
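Review bot: In the first hunk (docs/https.md intro paragraph), the rewritten line fixes "refere" but leaves other wording problems on the same line. Since the whole line is being replaced anyway, suggest "We will use the popular tool", "the overall process is the same", and "HTTP"/"HTTPS" capitalised to match the heading "# HTTPS guide for loxilb API". The sentence "Nonetheless, overall process is the same" would also be more useful if it said which steps differ with a public CA, since the next section runs `./mkcert -install` to trust a local root, which is specific to the mkcert flow.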
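Review bot: In the certificate-generation hunk, `mkdir loxilb` now matches `export CAROOT=`pwd`/loxilb`, but that CAROOT directory sits inside `cert`, the same directory the later `docker run` mounts with `-v `pwd`/cert:/opt/loxilb/cert/`. mkcert keeps the root CA private key (rootCA-key.pem) in CAROOT, so following the guide as written places the CA signing key inside the loxilb container, where it is not needed to serve TLS. Suggest creating CAROOT outside `cert`, or adding a step that copies into `cert` only the files loxilb needs, and saying so in the text.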
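Review bot: In the last hunk, the added sentence says the plain HTTP channel can be restricted to "inside the pod" with `--host=127.0.0.1`, but the example directly above it is a `docker run` with `--net=host`, so there is no pod in that case and 127.0.0.1 is the host's own loopback. Suggest wording the docker case as "loopback only" and adding `--host=127.0.0.1` next to `--tls` in the example command itself, so that copying the command does not leave the unencrypted API reachable from outside, which the text itself says is the state "at this point". In the new in-cluster paragraph, "to have the same effect as explained" does not say whether it means the cert mount or the `--host` restriction; naming the one intended would remove the ambiguity.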