From 249ccd1d8135f4c9d471ac9f4fd8288cebf4d21f Mon Sep 17 00:00:00 2001
From: Rachel Elledge <rachel.elledge@redislabs.com>
Date: Wed, 11 Dec 2024 15:27:48 -0600
Subject: [PATCH] DOC-4630 DOC-4629 Feedback updates to fix cert-based auth
 steps in release notes

---
 .../rs-7-8-releases/rs-7-8-4-tba.md           | 22 +++++++++++++------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/content/operate/rs/release-notes/rs-7-8-releases/rs-7-8-4-tba.md b/content/operate/rs/release-notes/rs-7-8-releases/rs-7-8-4-tba.md
index 6f8a1369c..8b508160b 100644
--- a/content/operate/rs/release-notes/rs-7-8-releases/rs-7-8-4-tba.md
+++ b/content/operate/rs/release-notes/rs-7-8-releases/rs-7-8-4-tba.md
@@ -32,6 +32,16 @@ This version offers:
 
     - To set up certificate-based authentication, use [REST API]({{<relref "/operate/rs/references/rest-api">}}) requests to do the following:
 
+        1. Configure a trusted CA certificate `mtls_trusted_ca` using an [update cluster certificate]({{<relref "/operate/rs/references/rest-api/requests/cluster/certificates#put-cluster-update_cert">}}) request:
+
+            ```sh
+            PUT /v1/cluster/update_cert
+            {
+              "name": "mtls_trusted_ca",
+              "certificate": "<content of certificate PEM file>"
+            }
+            ```
+
         1. [Update cluster settings]({{<relref "/operate/rs/references/rest-api/requests/cluster#put-cluster">}}) with mutual TLS configuration:
 
             ```sh
@@ -49,19 +59,17 @@ This version offers:
               }]
             }
             ```
-        
-        1. Configure a trusted CA certificate `mtls_trusted_ca` using an [update cluster certificate]({{<relref "/operate/rs/references/rest-api/requests/cluster/certificates#put-cluster-update_cert">}}) request:
+
+        1. Include `"auth_method": "certificate"` and `certificate_subject_line` in the request body when you [create new users]({{<relref "/operate/rs/references/rest-api/requests/users#post-user">}}) or [update existing users]({{<relref "/operate/rs/references/rest-api/requests/users#put-user">}}):
 
             ```sh
-            PUT /v1/cluster/update_cert
+            POST /v1/users | PUT /v1/users/<user-id>
             {
-              "name": "mtls_trusted_ca",
-              "certificate": "<content of certificate PEM file>"
+              "auth_method": "certificate",
+              "certificate_subject_line": "<subject of the user's client certificate>"
             }
             ```
 
-        1. Include `"auth_method": "certificate"` in the request body when you [create new users]({{<relref "/operate/rs/references/rest-api/requests/users#post-user">}}) or [update existing users]({{<relref "/operate/rs/references/rest-api/requests/users#put-user">}}).
-
     - Limitations: 
 
         - Certificate-based authentication is not implemented for the Cluster Manager UI.