[DOCS] TLS file resources are reloadable (#33258)

Make clearer that file resources that are used as key trust material are polled and will be reloaded upon modification.
elastic · Aug 30, 2018 · 557eabf · 557eabf
1 parent b6f762d
commit 557eabf
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 2 deletions.
diff --git a/x-pack/docs/en/security/securing-communications/tls-http.asciidoc b/x-pack/docs/en/security/securing-communications/tls-http.asciidoc
@@ -77,7 +77,17 @@ bin/elasticsearch-keystore add xpack.security.http.ssl.secure_key_passphrase
 
 . Restart {es}.
 
-NOTE: All TLS-related node settings are considered to be highly sensitive and
+[NOTE]
+===============================
+* All TLS-related node settings are considered to be highly sensitive and
 therefore are not exposed via the
 {ref}/cluster-nodes-info.html#cluster-nodes-info[nodes info API] For more
 information about any of these settings, see <<security-settings>>.
+
+* {es} monitors all files such as certificates, keys, keystores, or truststores 
+that are configured as values of TLS-related node settings. If you update any of 
+these files (for example, when your hostnames change or your certificates are 
+due to expire), {es} reloads them. The files are polled for changes at 
+a frequency determined by the global {es} `resource.reload.interval.high` 
+setting, which defaults to 5 seconds.
+===============================
diff --git a/x-pack/docs/en/security/securing-communications/tls-transport.asciidoc b/x-pack/docs/en/security/securing-communications/tls-transport.asciidoc
@@ -95,7 +95,17 @@ vice-versa). After enabling TLS you must restart all nodes in order to maintain
 communication across the cluster.
 --
 
-NOTE: All TLS-related node settings are considered to be highly sensitive and
+[NOTE]
+===============================
+* All TLS-related node settings are considered to be highly sensitive and
 therefore are not exposed via the
 {ref}/cluster-nodes-info.html#cluster-nodes-info[nodes info API] For more
 information about any of these settings, see <<security-settings>>.
+
+* {es} monitors all files such as certificates, keys, keystores, or truststores 
+that are configured as values of TLS-related node settings. If you update any of 
+these files (for example, when your hostnames change or your certificates are 
+due to expire), {es} reloads them. The files are polled for changes at 
+a frequency determined by the global {es} `resource.reload.interval.high` 
+setting, which defaults to 5 seconds.
+===============================