(#3120) Fixup default descriptions
PR 916 had some poorly formatted descriptions for the new options. This
patch cleans up those descriptions and makes their relationship to
localcacert more clear.
The new look is:
- Where each client stores the CA certificate.
- The default value is '$certdir/ca.pem'. localcacert = /etc/puppet/ssl/certs/ca.pem
- Certificate authorities who issue server certificates. SSL servers will not be
- considered authentic unless they posses a certificate issued by an authority
- listed in this file. If this setting has no value then the Puppet master's CA
- certificate (localcacert) will be used.
- ssl_client_ca_auth =
- Certificate authorities who issue client certificates. SSL clients will not be
- considered authentic unless they posses a certificate issued by an authority
- listed in this file. If this setting has no value then the Puppet master's CA
- certificate (localcacert) will be used.
- ssl_server_ca_auth =