couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject documentation commit: updated refs/heads/master to bdcf506
Date Mon, 27 Oct 2014 11:23:47 GMT
Repository: couchdb-documentation
Updated Branches:
  refs/heads/master 6c9e84e65 -> bdcf50604

Improve documentation of `cacert_file` ssl option

The documentation was incorrect insofar that it only described its
functionality for client verification, although the configuration is
used for server verification as well.


Branch: refs/heads/master
Commit: bdcf50604cf9a185857485f55596829225b76551
Parents: 6c9e84e
Author: Klaus Trainer <>
Authored: Mon Oct 27 12:19:37 2014 +0100
Committer: Klaus Trainer <>
Committed: Mon Oct 27 12:19:37 2014 +0100

 src/config/http.rst | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/config/http.rst b/src/config/http.rst
index f4fade1..2166026 100644
--- a/src/config/http.rst
+++ b/src/config/http.rst
@@ -329,9 +329,12 @@ Secure Socket Level Options
   .. config:option:: cacert_file :: CA Certificate file
-    Path to file containing PEM encoded CA certificates (trusted certificates
-    used for verifying a peer certificate). May be omitted if you do not want
-    to verify the peer::
+    The path to a file containing PEM encoded CA certificates. The CA
+    certificates are used to build the server certificate chain, and for client
+    authentication. Also the CAs are used in the list of acceptable client CAs
+    passed to the client when a certificate is requested. May be omitted if
+    there is no need to verify the client and if there are not any intermediate
+    CAs for the server certificate::
       cacert_file = /etc/ssl/certs/ca-certificates.crt

View raw message