From 2f8f2680735ae012e8c411e7a1bc2f9bf0cf819f Mon Sep 17 00:00:00 2001 From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com> Date: Wed, 22 Oct 2025 11:37:24 -0400 Subject: [PATCH] Best practice Hydrant certificates (#34465) Feedback from `customer-cisneros` on 2025-10-17 --- articles/connect-end-user-to-wifi-with-certificate.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/articles/connect-end-user-to-wifi-with-certificate.md b/articles/connect-end-user-to-wifi-with-certificate.md index 1683f32c3c..19216efcf5 100644 --- a/articles/connect-end-user-to-wifi-with-certificate.md +++ b/articles/connect-end-user-to-wifi-with-certificate.md @@ -466,7 +466,8 @@ jq -r .certificate response.json > /opt/company/certificate.pem This script assumes that your company installs a custom Company Portal app or something similar at `/opt/company`, gathers the user's IdP session information, uses username and a password to protect the private key from `/opt/company/userinfo`, and installs that the certificate in `/opt/company`. You will want to modify it to match your company's requirements. -The `userinfo` file in the scripts looks like the below. However, the variables could be loaded from the output of a command or even a separate network request depending on your requirements: +For simplicity, the scripts use a `userinfo` file (below). However, the best practice is to load variables from the output of a command or even a separate network request: + ```shell PASSWORD="" USERNAME=""