From 3fd8ccdb7eb2833c3cd78f684d62442b8917aad5 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Javier=20B=C3=A9rtoli?= <jbertoli@curii.com>
Date: Mon, 28 Feb 2022 15:34:52 -0300
Subject: [PATCH] 18785: edit documentation, addressing review comments
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Arvados-DCO-1.1-Signed-off-by: Javier Bértoli <jbertoli@curii.com>
---
 doc/install/salt-single-host.html.textile.liquid | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/doc/install/salt-single-host.html.textile.liquid b/doc/install/salt-single-host.html.textile.liquid
index 3610741b41..2691332fd9 100644
--- a/doc/install/salt-single-host.html.textile.liquid
+++ b/doc/install/salt-single-host.html.textile.liquid
@@ -87,7 +87,9 @@ cp -r config_examples/single_host/single_hostname local_config_dir
 
 Edit the variables in the <i>local.params</i> file. Pay attention to the <b>*_PORT, *_TOKEN</b> and <b>*KEY</b> variables.
 
-The <i>single_host</i> examples use self-signed SSL certificates, which are deployed using the same mechanism used to deploy custom certificates.
+The <i>single_host</i> examples use self-signed SSL certificates by default, which are deployed using the same mechanism used to deploy custom certificates.
+
+When setting (SSL_MODE=lets-encrypt), please note: When using AWS, EC2 instances can have a default hostname that ends with `amazonaws.com`. Let's Encrypt has a blacklist of domain names for which it will not issue certificates, and that blacklist includes the `amazonaws.com` domain. In order to use Let's Encrypt certificates on AWS EC2, you will need to bring your own domain name and point a hostname in that domain at your EC2 instance.
 
 h3(#single_host_multiple_hostnames). Single host / multiple hostnames (Alternative configuration)
 <notextile>
-- 
2.30.2