From 6d92c28c5ced8cbb30506b50833cb7787548beee Mon Sep 17 00:00:00 2001
From: Brian Shumate <brian@brianshumate.com>
Date: Fri, 2 Mar 2018 10:41:09 -0500
Subject: [PATCH] Clarify encrypt key for WAN joined DCs

---
 website/source/docs/agent/encryption.html.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/website/source/docs/agent/encryption.html.md b/website/source/docs/agent/encryption.html.md
index d61b384f01..284d918c95 100644
--- a/website/source/docs/agent/encryption.html.md
+++ b/website/source/docs/agent/encryption.html.md
@@ -18,6 +18,8 @@ Enabling gossip encryption only requires that you set an encryption key when
 starting the Consul agent. The key can be set via the `encrypt` parameter: the
 value of this setting is a configuration file containing the encryption key.
 
+~> **WAN Joined Datacenters Note:** If using multiple WAN joined datacenters, be sure to use _the same encryption key_ in all datacenters.
+
 The key must be 16-bytes, Base64 encoded. As a convenience, Consul provides the
 [`consul keygen`](/docs/commands/keygen.html) command to generate a
 cryptographically suitable key: