(doc)wazuh: Update encryption pattern for private keys

grzegorzkoper · grzegorzkoper · commit dc3ef99b1972 · 2025-01-16T09:50:49.000+01:00
Update the ansible-vault encrypt command pattern to include both
*.key and *-key.pem files. This ensures all private key files
(root-ca.key, os-wazuh-key.pem, and admin-key.pem) are properly
encrypted when deploying Wazuh.
diff --git a/doc/source/configuration/wazuh.rst b/doc/source/configuration/wazuh.rst
@@ -349,11 +349,11 @@ If you are using the wazuh generated certificates,
 this will result in the creation of some certificates and keys (in case of custom certs adjust path to it).
 Encrypt the keys (and remember to commit to git):
 
-``ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/environments/<environment>/wazuh/wazuh-certificates/*.key``
+``ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/environments/<environment>/wazuh/wazuh-certificates/*.key $KAYOBE_CONFIG_PATH/environments/<environment>/wazuh/wazuh-certificates/*-key.pem``
 
 If using the kayobe environments feature, otherwise:
 
-``ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/ansible/wazuh/certificates/certs/*.key``
+``ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/ansible/wazuh/certificates/certs/*.key $KAYOBE_CONFIG_PATH/ansible/wazuh/certificates/certs/*-key.pem``
 
 .. _wazuh-verification:
 
