diff --git a/doc/api/https.markdown b/doc/api/https.markdown index 6b688668f7f47e..5aa061e45938fd 100644 --- a/doc/api/https.markdown +++ b/doc/api/https.markdown @@ -164,8 +164,9 @@ The following options from [`tls.connect()`][] can also be specified. However, a - `key`: Private key to use for SSL. Default `null`. - `passphrase`: A string of passphrase for the private key or pfx. Default `null`. - `cert`: Public x509 certificate to use. Default `null`. -- `ca`: An authority certificate or array of authority certificates to check - the remote host against. +- `ca`: A string, `Buffer` or array of strings or `Buffer`s of trusted + certificates in PEM format. If this is omitted several well known "root" + CAs will be used, like VeriSign. These are used to authorize connections. - `ciphers`: A string describing the ciphers to use or exclude. Consult for details on the format. diff --git a/doc/api/tls.markdown b/doc/api/tls.markdown index 618a3574715fa1..4c5d868685d3d9 100644 --- a/doc/api/tls.markdown +++ b/doc/api/tls.markdown @@ -546,9 +546,9 @@ Creates a new client connection to the given `port` and `host` (old API) or - `cert`: A string or `Buffer` containing the certificate key of the client in PEM format. (Could be an array of certs). - - `ca`: An array of strings or `Buffer`s of trusted certificates in PEM - format. If this is omitted several well known "root" CAs will be used, - like VeriSign. These are used to authorize connections. + - `ca`: A string, `Buffer` or array of strings or `Buffer`s of trusted + certificates in PEM format. If this is omitted several well known "root" + CAs will be used, like VeriSign. These are used to authorize connections. - `ciphers`: A string describing the ciphers to use or exclude, separated by `:`. Uses the same default cipher suite as `tls.createServer`. @@ -643,8 +643,9 @@ dictionary with keys: objects in the format `{pem: key, passphrase: passphrase}`. (Required) * `passphrase` : A string of passphrase for the private key or pfx * `cert` : A string holding the PEM encoded certificate -* `ca` : Either a string or list of strings of PEM encoded CA - certificates to trust. +* `ca`: A string, `Buffer` or array of strings or `Buffer`s of trusted + certificates in PEM format. If this is omitted several well known "root" + CAs will be used, like VeriSign. These are used to authorize connections. * `crl` : Either a string or list of strings of PEM encoded CRLs (Certificate Revocation List) * `ciphers`: A string describing the ciphers to use or exclude. @@ -704,9 +705,9 @@ automatically set as a listener for the [`'secureConnection'`][] event. The - `cert`: A string or `Buffer` containing the certificate key of the server in PEM format. (Could be an array of certs). (Required) - - `ca`: An array of strings or `Buffer`s of trusted certificates in PEM - format. If this is omitted several well known "root" CAs will be used, - like VeriSign. These are used to authorize connections. + - `ca`: A string, `Buffer` or array of strings or `Buffer`s of trusted + certificates in PEM format. If this is omitted several well known "root" + CAs will be used, like VeriSign. These are used to authorize connections. - `crl` : Either a string or list of strings of PEM encoded CRLs (Certificate Revocation List)