OCPBUGS-22844: Added pk12util tool command to the nw-ovn-ipsec-north-south-enable.adoc doc

Author: dfitzmau

modules/nw-ovn-ipsec-north-south-enable.adoc

@@ -118,8 +118,15 @@ $ oc create -f ipsec-config.yaml
 --
 
 . Create a machine config to add your certificates to the cluster:
-
-.. To create Butane config files for the control plane and worker nodes, enter the following command:
++
+.. Use the `pk12util` tool, which comes prepackaged with {op-system-base-full}, to specify a password that protects `PKCS#12` files by entering the following command. Ensure that you replace the `<password>` value with your password.
++
+[source,terminal]
+----
+$ pk12util -W "<password>" -i /etc/pki/certs/left_server.p12 -d /var/lib/ipsec/nss/
+----
++
+.. To create Butane config files for the control plane and compute nodes, enter the following command:
 +
 [NOTE]
 ====
@@ -178,7 +185,7 @@ $ for role in master worker; do
 EOF
 done
 ----
-
++
 .. To transform the Butane files that you created in the previous step into machine configs, enter the following command:
 +
 [source,terminal]
@@ -217,6 +224,7 @@ By default, the MCO updates one machine per pool at a time, causing the total ti
 ====
 
 . To confirm that IPsec machine configs rolled out successfully, enter the following commands:
++
 .. Confirm that the IPsec machine configs were created:
 +
 [source,terminal]
@@ -230,7 +238,7 @@ $ oc get mc | grep ipsec
 80-ipsec-master-extensions        3.2.0        6d15h
 80-ipsec-worker-extensions        3.2.0        6d15h
 ----
-
++
 .. Confirm that the that the IPsec extension are applied to control plane nodes:
 +
 [source,terminal]
@@ -243,8 +251,8 @@ $ oc get mcp master -o yaml | grep 80-ipsec-master-extensions -c
 ----
 2
 ----
-
-.. Confirm that the that the IPsec extension are applied to worker nodes:
++
+.. Confirm that the that the IPsec extension are applied to compute nodes:
 +
 [source,terminal]
 ----