diff options
| author | Georg Brandl <georg@python.org> | 2009-01-03 21:18:54 +0000 |
|---|---|---|
| committer | Georg Brandl <georg@python.org> | 2009-01-03 21:18:54 +0000 |
| commit | 48310cd3f2e02ced9ae836ccbcb67e9af3097d62 (patch) | |
| tree | 04c86b387c11bfd4835a320e76bbb2ee24626e0d /Doc/library/ssl.rst | |
| parent | 3d3558a4653fcfcbdcbb75bda5d61e93c48f4d51 (diff) | |
| download | cpython-git-48310cd3f2e02ced9ae836ccbcb67e9af3097d62.tar.gz | |
Remove trailing whitespace.
Diffstat (limited to 'Doc/library/ssl.rst')
| -rw-r--r-- | Doc/library/ssl.rst | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst index 8e1c6b0091..10c33f9712 100644 --- a/Doc/library/ssl.rst +++ b/Doc/library/ssl.rst @@ -45,7 +45,7 @@ Functions, Constants, and Exceptions .. exception:: SSLError - Raised to signal an error from the underlying SSL implementation. This + Raised to signal an error from the underlying SSL implementation. This signifies some problem in the higher-level encryption and authentication layer that's superimposed on the underlying network connection. This error is a subtype of :exc:`socket.error`, which @@ -170,7 +170,7 @@ Functions, Constants, and Exceptions >>> import time >>> time.ctime(ssl.cert_time_to_seconds("May 9 00:00:00 2007 GMT")) 'Wed May 9 00:00:00 2007' - >>> + >>> .. function:: get_server_certificate (addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None) @@ -397,7 +397,7 @@ should start with the specific certificate for the principal who "is" the client or server, and then the certificate for the issuer of that certificate, and then the certificate for the issuer of *that* certificate, and so on up the chain till you get to a certificate which is *self-signed*, -that is, a certificate which has the same subject and issuer, +that is, a certificate which has the same subject and issuer, sometimes called a *root certificate*. The certificates should just be concatenated together in the certificate file. For example, suppose we had a three certificate chain, from our server certificate to the @@ -433,13 +433,13 @@ SSL3 or TLS1, you don't need to put the full chain in your "CA certs" file; you only need the root certificates, and the remote peer is supposed to furnish the other certificates necessary to chain from its certificate to a root certificate. -See :rfc:`4158` for more discussion of the way in which +See :rfc:`4158` for more discussion of the way in which certification chains can be built. If you are going to create a server that provides SSL-encrypted connection services, you will need to acquire a certificate for that service. There are many ways of acquiring appropriate certificates, -such as buying one from a certification authority. Another common +such as buying one from a certification authority. Another common practice is to generate a self-signed certificate. The simplest way to do this is with the OpenSSL package, using something like the following:: @@ -581,7 +581,7 @@ Then you'd read data from the ``connstream`` and do something with it till you a And go back to listening for new client connections. - + .. seealso:: Class :class:`socket.socket` |