From ddb45bfab40b84e630801237fb3ef0583a024422 Mon Sep 17 00:00:00 2001
From: James Munnelly <james.munnelly@jetstack.io>
Date: Fri, 13 Oct 2017 15:29:31 +0100
Subject: [PATCH] Update documentation examples

---
 README.md                      |  2 ++
 docs/api-types/issuer/spec.md  | 24 +++++++++++++++++++-----
 docs/examples/acme-issuer.yaml |  2 ++
 3 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index e9582c73a..51140baad 100644
--- a/README.md
+++ b/README.md
@@ -77,6 +77,8 @@ spec:
     # Name of a secret used to store the ACME account private key
     privateKeySecretRef:
       name: letsencrypt-staging
+    # Enable the HTTP-01 challenge provider
+    http-01: {}
     # ACME dns-01 provider configurations
     dns-01:
       # Here we define a list of DNS-01 providers that can solve DNS challenges
diff --git a/docs/api-types/issuer/spec.md b/docs/api-types/issuer/spec.md
index d2b4c11ea..85a3c25bb 100644
--- a/docs/api-types/issuer/spec.md
+++ b/docs/api-types/issuer/spec.md
@@ -34,11 +34,25 @@ configuring credentials for a DNS provider.
 
 ### ACME issuer HTTP01 configuration
 
-The ACME issuer does not require any additional configuration in order to
-support HTTP01 challenge validation. All valid ACME issuers are able to issue
-certificates validated with HTTP01 by creating or manipulating Ingress
-resources in the Kubernetes API server. The installed ingress controller will
-then configure routes to solve ACME challenges automatically.
+In order to allow HTTP01 challenges to be solved, we must enable the HTTP01
+challenge provider on our Issuer resource. This can be done through setting the
+`http-01` field on the `issuer.spec.acme` stanza. Cert-manager will then create
+and manage Ingress rules in the Kubernetes API server in order to solve HTTP-01
+based challenges.
+
+```yaml
+apiVersion: certmanager.k8s.io
+kind: Issuer
+metadata:
+  name: example-issuer
+spec:
+  acme:
+    email: user@example.com
+    server: https://acme-staging.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: example-issuer-account-key
+    http-01: {}
+```
 
 ### ACME issuer with no configured DNS providers
 
diff --git a/docs/examples/acme-issuer.yaml b/docs/examples/acme-issuer.yaml
index 7d7bcdec5..6384e83a1 100644
--- a/docs/examples/acme-issuer.yaml
+++ b/docs/examples/acme-issuer.yaml
@@ -11,6 +11,8 @@ spec:
     # Name of a secret used to store the ACME account private key
     privateKeySecretRef:
       name: letsncrypt-prod
+    # Enable the HTTP-01 challenge provider
+    http-01: {}
     # ACME dns-01 provider configurations
     dns-01:
       # Here we define a list of DNS-01 providers that can solve DNS challenges