From 32fc976a334b94b248eaad8d4064ad3aa1484ef3 Mon Sep 17 00:00:00 2001
From: vaerh <64400271+vaerh@users.noreply.github.com>
Date: Tue, 28 May 2024 09:46:56 +0300
Subject: [PATCH] docs(certificate-sign): Add a little help on certificate
 signing (#471)

Fixes #467
---
 .../resources/system_certificate.md.tmpl      | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 templates/resources/system_certificate.md.tmpl

diff --git a/templates/resources/system_certificate.md.tmpl b/templates/resources/system_certificate.md.tmpl
new file mode 100644
index 00000000..bf424187
--- /dev/null
+++ b/templates/resources/system_certificate.md.tmpl
@@ -0,0 +1,27 @@
+# {{.Name}} ({{.Type}})
+{{ .Description | trimspace }}
+
+Certificate resource management consists of two independent processes:
+* key creation and certificate signing request (`key` + `csr`)
+* certificate signing by the issuer (`crt`)
+
+For a complete certificate creation cycle, both of the above steps must be performed. In this case the `sign {}` block must be specified in the configuration.
+
+If you need to import the current state of the certificate resource, then do not specify the `sign{}` block.
+
+Importing an external certificate is also done without specifying the `sign{}` block, because the certificate should have already been signed by the issuer at this step.
+
+---
+
+{{ if .HasExample -}}
+## Example Usage
+{{ tffile .ExampleFile }}
+{{- end }}
+
+{{ .SchemaMarkdown | trimspace }}
+
+{{ if .HasImport -}}
+## Import
+Import is supported using the following syntax:
+{{ codefile "shell" .ImportFile }}
+{{- end }}