From c9f92a691c38b7bc4c55804738fb55023597a746 Mon Sep 17 00:00:00 2001
From: Fotis Voutsas <fotis@netdata.cloud>
Date: Tue, 20 Feb 2024 11:02:38 +0200
Subject: [PATCH] =?UTF-8?q?Populate=20the=20SSL=20section=20in=20Observabi?=
 =?UTF-8?q?lity=20and=20centralization=20points=20-=E2=80=A6=20(#17035)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Populate the SSL section in Observability and centralization points -> Metrics centralization points - > configuration

* Update configuration.md

* Update docs/observability-centralization-points/metrics-centralization-points/configuration.md

* Update docs/observability-centralization-points/metrics-centralization-points/configuration.md

* add note about install directory

* Update configuration.md

* Update configuration.md

---------

Co-authored-by: Ilya Mashchenko <ilya@netdata.cloud>
---
 .../configuration.md                          | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/docs/observability-centralization-points/metrics-centralization-points/configuration.md b/docs/observability-centralization-points/metrics-centralization-points/configuration.md
index 60d90660bc..e52f7309ff 100644
--- a/docs/observability-centralization-points/metrics-centralization-points/configuration.md
+++ b/docs/observability-centralization-points/metrics-centralization-points/configuration.md
@@ -56,6 +56,32 @@ Save the file and restart Netdata.
 
 ## Enable TLS/SSL Communication
 
+While encrypting the connection between your parent and child nodes is recommended for security, it's not required to get started.
+
+This example uses self-signed certificates. 
+
+> **Note**  
+> This section assumes you have read the documentation on [how to edit the Netdata configuration files](https://github.com/netdata/netdata/blob/master/docs/netdata-agent/configuration.md).  
+<!-- here we need link to the section that will contain the restarting instructions -->
+
+1. **Parent node**  
+   To generate an SSL key and certificate using `openssl`, take a look at the related section around [Securing Netdata Agents](https://github.com/netdata/netdata/blob/master/src/web/server/README.md#enable-httpstls-support) in our Documentation.
+
+2. **Child node**  
+   Update `stream.conf` to enable SSL/TLS and allow self-signed certificates. Append ':SSL' to the destination and uncomment 'ssl skip certificate verification'.
+
+    ```conf
+    [stream]
+        enabled = yes
+        destination = 203.0.113.0:SSL
+        ssl skip certificate verification = yes
+        api key = 11111111-2222-3333-4444-555555555555
+    ```
+
+3. Restart the Netdata Agent on both the parent and child nodes, to stream encrypted metrics using TLS/SSL.
+
+
+
 ## Troubleshooting Streaming Connections
 
 You can find any issues related to streaming at Netdata logs.