Update CLI flags for security (#1072)

Signed-off-by: Ronald Ngounou <[email protected]>

Author: ronaldngounou

content/en/docs/v3.5/op-guide/configuration.md

@@ -140,7 +140,7 @@ The list of flags provided below may not be up-to-date due to ongoing developmen
 --client-crl-file ''
   Path to the client certificate revocation list file.
 --client-cert-allowed-hostname ''
-  Allowed TLS hostname for client cert authentication.
+  Comma-separated list of SAN hostnames for client cert authentication.
 --trusted-ca-file ''
   Path to the client server TLS trusted CA cert file.
   Note setting this parameter will also automatically enable client cert authentication no matter what value is set for `--client-cert-auth`.
@@ -156,9 +156,9 @@ The list of flags provided below may not be up-to-date due to ongoing developmen
 --peer-trusted-ca-file ''
   Path to the peer server TLS trusted CA file.
 --peer-cert-allowed-cn ''
-  Required CN for client certs connecting to the peer endpoint.
+  Comma-separated list of allowed CNs for inter-peer TLS authentication.
 --peer-cert-allowed-hostname ''
-  Allowed TLS hostname for inter peer authentication.
+  Comma-separated list of allowed SAN hostnames for inter-peer TLS authentication.
 --peer-auto-tls 'false'
   Peer TLS using self-generated certificates if --peer-key-file and --peer-cert-file are not provided.
 --self-signed-cert-validity '1'

content/en/docs/v3.6/op-guide/configuration.md

@@ -142,7 +142,7 @@ The list of flags provided below may not be up-to-date due to ongoing developmen
 --client-crl-file ''
   Path to the client certificate revocation list file.
 --client-cert-allowed-hostname ''
-  Allowed TLS hostname for client cert authentication.
+  Comma-separated list of SAN hostnames for client cert authentication.
 --trusted-ca-file ''
   Path to the client server TLS trusted CA cert file.
   Note setting this parameter will also automatically enable client cert authentication no matter what value is set for `--client-cert-auth`.
@@ -158,9 +158,9 @@ The list of flags provided below may not be up-to-date due to ongoing developmen
 --peer-trusted-ca-file ''
   Path to the peer server TLS trusted CA file.
 --peer-cert-allowed-cn ''
-  Required CN for client certs connecting to the peer endpoint.
+  Comma-separated list of allowed CNs for inter-peer TLS authentication.
 --peer-cert-allowed-hostname ''
-  Allowed TLS hostname for inter peer authentication.
+  Comma-separated list of allowed SAN hostnames for inter-peer TLS authentication.
 --peer-auto-tls 'false'
   Peer TLS using self-generated certificates if --peer-key-file and --peer-cert-file are not provided.
 --self-signed-cert-validity '1'

content/en/docs/v3.7/op-guide/configuration.md

@@ -144,7 +144,7 @@ The list of flags provided below may not be up-to-date due to ongoing developmen
 --client-crl-file ''
   Path to the client certificate revocation list file.
 --client-cert-allowed-hostname ''
-  Allowed TLS hostname for client cert authentication.
+  Comma-separated list of SAN hostnames for client cert authentication.
 --trusted-ca-file ''
   Path to the client server TLS trusted CA cert file.
   Note setting this parameter will also automatically enable client cert authentication no matter what value is set for `--client-cert-auth`.
@@ -160,9 +160,9 @@ The list of flags provided below may not be up-to-date due to ongoing developmen
 --peer-trusted-ca-file ''
   Path to the peer server TLS trusted CA file.
 --peer-cert-allowed-cn ''
-  Required CN for client certs connecting to the peer endpoint.
+  Comma-separated list of allowed CNs for inter-peer TLS authentication.
 --peer-cert-allowed-hostname ''
-  Allowed TLS hostname for inter peer authentication.
+  Comma-separated list of allowed SAN hostnames for inter-peer TLS authentication.
 --peer-auto-tls 'false'
   Peer TLS using self-generated certificates if --peer-key-file and --peer-cert-file are not provided.
 --self-signed-cert-validity '1'