Add docs for self-signed cert (#432)

Signed-off-by: xinyanw409 <[email protected]>

docs/guest.md

@@ -50,6 +50,10 @@ Please refer to [velero-plugin-for-vsphere tags](https://github.com/vmware-tanzu
 
 If it is an air-gapped environment, please refer to [Install Notes with Customized Images](install-notes.md) for extra required steps.
 
+#### Install with self-signed certificate
+
+To use velero-plugin-for-vsphere with a storage provider secured by a self-signed certificate, please refer to [velero-plugin-for-vsphere with a storage provider secured by a self-signed certificate](self-signed-certificate.md).
+
 ## Uninstall
 
 To uninstall the plugin, run the following command to remove the **InitContainer** of velero-plugin-for-vsphere from the Velero deployment first.

docs/self-signed-certificate.md

@@ -0,0 +1,26 @@
+# Self-signed certificate
+
+Velero starts to support installing default BackupStorageLocation with self-signed certificate from v1.4.2. More details please refer to https://velero.io/docs/v1.7/self-signed-certificates/.
+
+To keep consistency with velero, Velero plugin for vsphere also supports using velero-plugin-for-vsphere with a storage provider secured by a self-signed certificate.
+
+* Vanilla cluster: supported since v1.1.1
+* Guest cluster: supported since v1.1.1
+* Supervisor cluster: not supported
+
+To install with a storage provider secured by a self-signed certificate, the --cacert option needs to be added to provide a path to a certificate bundle to trust.
+
+Here is an example install command:
+```text
+BUCKET=velero-minio
+REGION=minio
+S3URL=<s3url>
+CACERT=./certs/public.crt
+velero install --provider aws \
+                --bucket $BUCKET \
+                --secret-file ./credentials-velero \
+                --plugins velero/velero-plugin-for-aws:v1.0.0 \
+                --snapshot-location-config region=$REGION \
+                --backup-location-config region=$REGION,s3ForcePathStyle="true",s3Url=$S3URL \
+                --cacert $CACERT
+```

docs/supervisor.md

@@ -36,6 +36,10 @@ for the detail.
 
 **Note**: `Velero vSphere Operator` CLI that comes with `Velero vSphere Operator` aims to provide a similar user experience as the Velero CLI in install and uninstall operations. For other Velero operations, users must continue to use the Velero CLI. Please download `Velero vSphere Operator` CLI [from here](https://github.com/vmware-tanzu/velero-plugin-for-vsphere/releases/download/v1.1.0/velero-vsphere-1.1.0-linux-amd64.tar.gz) if you haven't done so.
 
+### Install with self-signed certificate
+
+**Note**: Currently self-signed certificate is not supported on supervisor cluster, please refer to [velero-plugin-for-vsphere with a storage provider secured by a self-signed certificate](self-signed-certificate.md).
+
 ## Uninstall
 
 In a vSphere with Tanzu Supervisor cluster, users should use `Velero vSphere Operator` CLI to uninstall [Uninstalling Velero on Supervisor cluster](velero-vsphere-operator-user-manual.md#uninstalling-velero-on-supervisor-cluster).

docs/vanilla.md

@@ -61,6 +61,10 @@ Please refer to [velero-plugin-for-vsphere tags](https://github.com/vmware-tanzu
 
 If it is an air-gapped environment, please refer to [Install Notes with Customized Images](install-notes.md) for extra required steps.
 
+#### Install with self-signed certificate
+
+To use velero-plugin-for-vsphere with a storage provider secured by a self-signed certificate, please refer to [velero-plugin-for-vsphere with a storage provider secured by a self-signed certificate](self-signed-certificate.md).
+
 ## Uninstall
 
 To uninstall the plugin, run the following command to remove the InitContainer of velero-plugin-for-vsphere from the Velero deployment first.