crypto/tls: document certificate chains in LoadX509KeyPair

Fixes #15348 Change-Id: I9e0e1e3a26fa4cd697d2c613e6b4952188b7c7e1 Reviewed-on: https://go-review.googlesource.com/23150Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

crypto/tls: document certificate chains in LoadX509KeyPair
Fixes #15348 Change-Id: I9e0e1e3a26fa4cd697d2c613e6b4952188b7c7e1 Reviewed-on: https://go-review.googlesource.com/23150Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
5ccd571f · Scott Bell · Brad Fitzpatrick · ccdca832 · 5ccd571f
Commit 5ccd571f authored May 16, 2016 by Scott Bell Committed by Brad Fitzpatrick May 16, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 4 deletions

src/crypto/tls/tls.go src/crypto/tls/tls.go +5 -4

No files found.
--- a/src/crypto/tls/tls.go
+++ b/src/crypto/tls/tls.go
@@ -170,10 +170,11 @@ func Dial(network, addr string, config *Config) (*Conn, error) {
 	return DialWithDialer(new(net.Dialer), network, addr, config)
 }

-// LoadX509KeyPair reads and parses a public/private key pair from a pair of
-// files. The files must contain PEM encoded data. On successful return,
-// Certificate.Leaf will be nil because the parsed form of the certificate is
-// not retained.
+// LoadX509KeyPair reads and parses a public/private key pair from a pair
+// of files. The files must contain PEM encoded data. The certificate file
+// may contain intermediate certificates following the leaf certificate to
+// form a certificate chain. On successful return, Certificate.Leaf will
+// be nil because the parsed form of the certificate is not retained.
 func LoadX509KeyPair(certFile, keyFile string) (Certificate, error) {
 	certPEMBlock, err := ioutil.ReadFile(certFile)
 	if err != nil {