whatsnew: SSLContext.load_default_certs (#19292).

author R David Murray <rdmurray@bitdance.com>

Sun, 9 Mar 2014 23:41:25 +0000 (19:41 -0400)

committer R David Murray <rdmurray@bitdance.com>

Sun, 9 Mar 2014 23:41:25 +0000 (19:41 -0400)
author R David Murray <rdmurray@bitdance.com>
Sun, 9 Mar 2014 23:41:25 +0000 (19:41 -0400)
committer R David Murray <rdmurray@bitdance.com>
Sun, 9 Mar 2014 23:41:25 +0000 (19:41 -0400)
diff --git a/Doc/whatsnew/3.4.rst b/Doc/whatsnew/3.4.rst

index 8861d8840046217b054596ebd1b7b77cccedc268..2d61cda51de166c556ae6c3db4c6138c09b0adfd 100644 (file)
--- a/Doc/whatsnew/3.4.rst
+++ b/Doc/whatsnew/3.4.rst
@@ -1318,6 +1318,15 @@ constants :data:`~ssl.VERIFY_DEFAULT`, :data:`~ssl.VERIFY_CRL_CHECK_LEAF`,
  OpenSSL does not do any CRL verification by default.  (Contributed by
  Christien Heimes in :issue:`8813`.)
  
+New :class:`~ssl.SSLContext` method :meth:`~ssl.SSLContext.load_default_certs`
+loads a set of dfault "certificate authority" (CA) certificates from default
+locations, which vary according to the platform.  It can be used to load both
+TLS web server authentication certificates
+(``purpose=``:data:`~ssl.Purpose.SERVER_AUTH`) for a client to use to verify a
+server, and certificates for a server to use in verifying client certificates
+(``purpose=``:data:`~ssl.Purpose.CLIENT_AUTH`).  (Contributed by Christian
+Heimes in :issue:`19292`.)
+
  
  stat
  ----
author	R David Murray <rdmurray@bitdance.com>
	Sun, 9 Mar 2014 23:41:25 +0000 (19:41 -0400)
committer	R David Murray <rdmurray@bitdance.com>
	Sun, 9 Mar 2014 23:41:25 +0000 (19:41 -0400)