Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

doc: createServer's key option can be an array #3123

Closed
wants to merge 3 commits into from
Closed

doc: createServer's key option can be an array #3123

Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
2d058c4
doc: createServer's key option can be an array
thefourtheye Sep 30, 2015
226ee11
Mention different algorithms
thefourtheye Sep 30, 2015
733146d
fixed sentence as per silverwind's suggestion
thefourtheye Oct 25, 2015
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 9 additions & 2 deletions doc/api/tls.markdown
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -162,7 +162,10 @@ automatically set as a listener for the [secureConnection][] event. The
the `key`, `cert` and `ca` options.)

- `key`: A string or `Buffer` containing the private key of the server in
PEM format. (Could be an array of keys). (Required)
PEM format. It can also be an array of keys. The array can either be of
just keys or if you have different passphrases for the keys, then the
array elements can be of the form `{pem: key, passphrase: passphrase}` and
the keys should use different algorithms. (Required)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What kind of algorithms is and the keys should use different algorithms referring to?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ping @thefourtheye: could you clarify? Otherwise LGTM

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@silverwind The examples are ECDSA and RSA. Should we really mention them in the docs?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My gut thought is to remove that and the keys should use different algorithms altogether.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@silverwind Hmmm, it was @indutny's suggestion. Let's see what he feels about this.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, I see. I think your wording is a bit confusing. How about something like this?

`key`: A string or `Buffer` containing the private key of the server in
PEM format. To support multiple keys using different algorithms, an array
can be provided. It can either be a plain array of keys, or an array of
objects in the form of {pem: key, passphrase: passphrase}. (Required)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@silverwind Ya, it looks better. I updated the PR now. PTAL.


- `passphrase`: A string of passphrase for the private key or pfx.

Expand Down Expand Up @@ -486,7 +489,11 @@ dictionary with keys:

* `pfx` : A string or buffer holding the PFX or PKCS12 encoded private
key, certificate and CA certificates
* `key` : A string holding the PEM encoded private key
* `key`: A string or `Buffer` containing the private key of the server in
PEM format. It can also be an array of keys. The array can either be of
just keys or if you have different passphrases for the keys, then the
array elements can be of the form `{pem: key, passphrase: passphrase}` and
the keys should use different algorithms. (Required)
* `passphrase` : A string of passphrase for the private key or pfx
* `cert` : A string holding the PEM encoded certificate
* `ca` : Either a string or list of strings of PEM encoded CA
Expand Down