You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@libcloud.apache.org by to...@apache.org on 2013/08/03 18:00:43 UTC

[7/7] git commit: Port "SSL Certificate Validation" documentation section.

Port "SSL Certificate Validation" documentation section.


Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo
Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/73bd3828
Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/73bd3828
Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/73bd3828

Branch: refs/heads/trunk
Commit: 73bd382891e6b168eafcb7e5dd04d5e1f62b4b6a
Parents: 75ac8ca
Author: Tomaz Muraus <to...@apache.org>
Authored: Sat Aug 3 17:59:22 2013 +0200
Committer: Tomaz Muraus <to...@apache.org>
Committed: Sat Aug 3 17:59:22 2013 +0200

----------------------------------------------------------------------
 docs/other/ssl-certificate-validation.rst | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/libcloud/blob/73bd3828/docs/other/ssl-certificate-validation.rst
----------------------------------------------------------------------
diff --git a/docs/other/ssl-certificate-validation.rst b/docs/other/ssl-certificate-validation.rst
new file mode 100644
index 0000000..ec02782
--- /dev/null
+++ b/docs/other/ssl-certificate-validation.rst
@@ -0,0 +1,26 @@
+SSL Certificate Validation
+==========================
+
+When establishing a secure connection to a cloud provider endpoint,
+Libcloud verifies server SSL certificate. By default, Libcloud searches
+paths listed in ``libcloud.security.CA_CERTS_PATH`` for CA certificate files.
+
+``CA_CERTS_PATH`` contains common paths to CA bundle installations on the
+following platforms:
+
+* openssl on CentOS / Fedora
+* ca-certificates on Debian / Ubuntu / Arch / Gentoo
+* ca_root_nss on FreeBSD
+* curl-ca-bundle on Mac OS X
+
+If no valid CA certificate files are found, you will see an error message
+similar to the one bellow:
+
+``No CA Certificates were found in CA_CERTS_PATH.``
+
+Acquiring CA Certificates
+-------------------------
+
+If the above packages are unavailable to you, and you don't wish to roll
+your own, the makers of cURL provides an excellent resource, generated
+from Mozilla: http://curl.haxx.se/docs/caextract.html.