From 23780f846fe27983dcd4e713b679103505f0eff8 Mon Sep 17 00:00:00 2001
From: Paul Buetow <paul@buetow.org>
Date: Thu, 5 Feb 2026 12:01:16 +0200
Subject: Remove macOS and Windows CA trust instructions

Keep only Linux/FreeBSD setup instructions that match the actual
infrastructure. Removed unnecessary platform-specific instructions
for macOS and Windows from the Client-side CA trust section.
---
 .../2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl   | 13 +------------
 1 file changed, 1 insertion(+), 12 deletions(-)

diff --git a/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl b/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl
index 33f7827a..7a054ed6 100644
--- a/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl
+++ b/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl
@@ -384,24 +384,13 @@ $ kubectl get secret selfsigned-ca-secret -n cert-manager -o jsonpath='{.data.ca
     base64 -d > f3s-lan-ca.crt
 ```
 
-**On Linux (Fedora/Rocky):**
+Install the CA certificate on Linux (Fedora/Rocky):
 
 ```sh
 $ sudo cp f3s-lan-ca.crt /etc/pki/ca-trust/source/anchors/
 $ sudo update-ca-trust
 ```
 
-**On macOS:**
-
-```sh
-$ sudo security add-trusted-cert -d -r trustRoot \
-    -k /Library/Keychains/System.keychain f3s-lan-ca.crt
-```
-
-**On Windows:**
-
-Import `f3s-lan-ca.crt` into "Trusted Root Certification Authorities" via `certmgr.msc`.
-
 After trusting the CA, browsers will accept the LAN certificates without warnings.
 
 *CARP failover testing*:
-- 
cgit v1.2.3