From b1db8463865a8cb5fb63a4ca4184bbc35998a2aa Mon Sep 17 00:00:00 2001
From: Konrad Bucheli <konrad.bucheli@psi.ch>
Date: Thu, 22 Dec 2022 16:36:51 +0100
Subject: [PATCH] add hint about encrypted backups for SSL private keys

---
 admin-guide/operations/certificates.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/admin-guide/operations/certificates.md b/admin-guide/operations/certificates.md
index 37177ba0..8601d887 100644
--- a/admin-guide/operations/certificates.md
+++ b/admin-guide/operations/certificates.md
@@ -49,7 +49,7 @@ DigiCert will send an email including instructions on how to download the certif
 
 Our teams practice is to always create a new private key and to back it up encrypted in Gitlab, either
 - in Hiera as [EYAML](https://linux.psi.ch/admin-guide/puppet/hiera.html#secret-values)
-- for central infrastructure hosts in their [bootstrap repository](https://git.psi.ch/linux-infra/bootstrap)
+- for central infrastructure hosts GPG encrypted in their [bootstrap repository](https://git.psi.ch/linux-infra/bootstrap)
 - for the rest in our [team secret store](https://git.psi.ch/linux-infra/core-linux-secrets)