From c267639daa0cc0ef55501fcdc8c385292a9ed927 Mon Sep 17 00:00:00 2001
From: Brian White <mscdex@mscdex.net>
Date: Wed, 27 Jun 2018 03:07:13 -0400
Subject: doc: clarify ciphers option format

PR-URL: https://github.com/nodejs/node/pull/21557
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
---
 doc/api/tls.md | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'doc/api/tls.md')

diff --git a/doc/api/tls.md b/doc/api/tls.md
index 9d71308887..e69d0ea17e 100644
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@@ -1050,6 +1050,8 @@ changes:
     certificate, and the handshake will fail.
   * `ciphers` {string} Optional cipher suite specification, replacing the
     default. For more information, see [modifying the default cipher suite][].
+    Permitted ciphers can be obtained via [`tls.getCiphers()`][]. Cipher names
+    must be uppercased in order for OpenSSL to accept them.
   * `clientCertEngine` {string} Optional name of an OpenSSL engine which can
     provide the client certificate.
   * `crl` {string|string[]|Buffer|Buffer[]} Optional PEM formatted
@@ -1386,6 +1388,7 @@ where `secureSocket` has the same API as `pair.cleartext`.
 [`tls.createSecureContext()`]: #tls_tls_createsecurecontext_options
 [`tls.createSecurePair()`]: #tls_tls_createsecurepair_context_isserver_requestcert_rejectunauthorized_options
 [`tls.createServer()`]: #tls_tls_createserver_options_secureconnectionlistener
+[`tls.getCiphers()`]: #tls_tls_getciphers
 [Chrome's 'modern cryptography' setting]: https://www.chromium.org/Home/chromium-security/education/tls#TOC-Cipher-Suites
 [DHE]: https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
 [ECDHE]: https://en.wikipedia.org/wiki/Elliptic_curve_Diffie%E2%80%93Hellman
-- 
cgit v1.2.3