Updating the documentation related to feature to start server in SSL mode.

lokeshrangineni · lokeshrangineni · commit 459a5b64ddeb · 2024-10-24T23:47:19.000-04:00
Signed-off-by: lrangine &lt;19699092+lokeshrangineni@users.noreply.github.com&gt;

Signed-off-by: lrangine &lt;19699092+lokeshrangineni@users.noreply.github.com&gt;
diff --git a/docs/how-to-guides/tls/adding-tls-support-online-server.md b/docs/how-to-guides/tls/adding-tls-support-online-server.md
diff --git a/docs/reference/feature-servers/python-feature-server.md b/docs/reference/feature-servers/python-feature-server.md
@@ -200,6 +200,26 @@ requests.post(
     data=json.dumps(push_data))
 ```
 
+## Starting feature server in SSL mode
+
+### Obtaining a self-signed SSL certificate and key
+In development mode we can generate self-signed certificate for testing purpose. In actual production environment it is always recommended to get it from the popular SSL certificate providers.
+
+```shell
+openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes
+```
+
+The above command will generate two files
+* `key.pem` : certificate private key
+* `cert.pem`: certificate public key
+
+### Starting Online Server in SSL Mode
+To start the feature server in SSL mode, you need to provide the private and public keys using the `--ssl-key-path` and `--ssl-cert-path` arguments with the `feast serve` command.
+
+```shell
+feast serve --ssl-key-path key.pem --ssl-cert-path cert.pem
+```
+
 # Online Feature Server Permissions and Access Control
 
 ## API Endpoints and Permissions
diff --git a/docs/reference/online-stores/remote.md b/docs/reference/online-stores/remote.md
@@ -16,12 +16,15 @@ provider: local
 online_store:
   path: http://localhost:6566
   type: remote
+  ssl_cert_path: /path/to/cert.pem
 entity_key_serialization_version: 2
 auth:
   type: no_auth
 ```
 {% endcode %}
 
+`ssl_cert_path` is optional configuration. Path to the public certificate path in case if the online server starts in SSL mode. This may be needed especially if online server started with a self-signed certificate, typically this file ends with .crt, .cer, or .pem.
+
 ## How to configure Authentication and Authorization
 Please refer the [page](./../../../docs/getting-started/concepts/permission.md) for more details on how to configure authentication and authorization.
 
diff --git a/sdk/python/feast/infra/online_stores/remote.py b/sdk/python/feast/infra/online_stores/remote.py
@@ -42,7 +42,7 @@ class RemoteOnlineStoreConfig(FeastConfigBaseModel):
     If type is 'remote', then this is a URL for registry server """
 
     ssl_cert_path: StrictStr = ""
-    """ str: Path to the public certificate path in case if the online server starts in SSL mode. This may be needed especially if it is a self signed certificate, typically this file ends with .crt, .cer, or .pem.
+    """ str: Path to the public certificate in case if the online server starts in SSL mode. This may be needed especially if online server started with a self-signed certificate, typically this file ends with .crt, .cer, or .pem.
     If type is 'remote', then this configuration is needed to connect to remote online server in SSL mode. """
 
 
