Adds note that it requires a PEM-encoded file (#10145)

hashicorp · Oct 14, 2020 · 3b5c691 · 3b5c691
1 parent da6f9f6
commit 3b5c691
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/website/pages/docs/configuration/listener/tcp.mdx b/website/pages/docs/configuration/listener/tcp.mdx
@@ -83,16 +83,16 @@ advertise the correct address to other nodes.
   insecure communication.
 
 - `tls_cert_file` `(string: <required-if-enabled>, reloads-on-SIGHUP)` –
-  Specifies the path to the certificate for TLS. To configure the listener to
-  use a CA certificate, concatenate the primary certificate and the CA
+  Specifies the path to the certificate for TLS. It requires a PEM-encoded file. 
+  To configure the listener to use a CA certificate, concatenate the primary certificate and the CA
   certificate together. The primary certificate should appear first in the
   combined file. On `SIGHUP`, the path set here _at Vault startup_ will be used
   for reloading the certificate; modifying this value while Vault is running
   will have no effect for `SIGHUP`s.
 
 - `tls_key_file` `(string: <required-if-enabled>, reloads-on-SIGHUP)` –
-  Specifies the path to the private key for the certificate. If the key file
-  is encrypted, you will be prompted to enter the passphrase on server startup.
+  Specifies the path to the private key for the certificate. It requires a PEM-encoded file.
+  If the key file is encrypted, you will be prompted to enter the passphrase on server startup.
   The passphrase must stay the same between key files when reloading your
   configuration using `SIGHUP`. On `SIGHUP`, the path set here _at Vault
   startup_ will be used for reloading the certificate; modifying this value