diff options
| -rw-r--r-- | docs/x509/reference.rst | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index ef734f88..07a692a8 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -462,8 +462,13 @@ X.509 Certificate Object certificate validation is a complex problem that involves much more than just signature checks. - An example on how to check if a certificate signature is correct with a method - on the public key (this does not mean that the cert should be trusted): + To validate the signature on a certificate you can do the following. + Note: This only verifies that the certificate was signed with the + private key associated with the public key provided and does not + perform any of the other checks needed for secure certificate + validation. Additionally, this example will only work for RSA public + keys with ``PKCS1v15`` signatures, and so it can't be used for general + purpose signature verification. .. doctest:: |