doc: apply missed suggestions from previous commit

launchbadge · Sep 26, 2023 · a859ffa · a859ffa
1 parent bbb8701
commit a859ffa
Showing 1 changed file with 24 additions and 4 deletions.
diff --git a/sqlx-postgres/src/options/mod.rs b/sqlx-postgres/src/options/mod.rs
@@ -344,16 +344,26 @@ impl PgConnectOptions {
         self
     }
 
-    /// Sets the SSL client certificate from a byte slice.
+    /// Sets the SSL client certificate as a PEM-encoded byte slice.
+    ///
+    /// This should be an ASCII-encoded blob that starts with `-----BEGIN CERTIFICATE-----`.
     ///
     /// # Example
+    /// Note: embedding SSL certificates and keys in the binary is not advised.
+    /// This is for illustration purposes only. 
     ///
     /// ```rust
     /// # use sqlx_core::postgres::{PgSslMode, PgConnectOptions};
+    ///
+    /// const CERT: &[u8] = b"\ 
+    /// -----BEGIN CERTIFICATE-----
+    /// <Certificate data here.>
+    /// -----END CERTIFICATE-----";
+    ///    
     /// let options = PgConnectOptions::new()
     ///     // Providing a CA certificate with less than VerifyCa is pointless
     ///     .ssl_mode(PgSslMode::VerifyCa)
-    ///     .ssl_client_cert_from_pem(vec![]);
+    ///     .ssl_client_cert_from_pem(CERT);
     /// ```
     pub fn ssl_client_cert_from_pem(mut self, cert: impl AsRef<[u8]>) -> Self {
         self.ssl_client_cert = Some(CertificateInput::Inline(cert.as_ref().to_vec()));
@@ -376,16 +386,26 @@ impl PgConnectOptions {
         self
     }
 
-    /// Sets the SSL client key from a byte slice.
+    /// Sets the SSL client key as a PEM-encoded byte slice.
+    ///
+    /// This should be an ASCII-encoded blob that starts with `-----BEGIN PRIVATE KEY-----`.
     ///
     /// # Example
+    /// Note: embedding SSL certificates and keys in the binary is not advised.
+    /// This is for illustration purposes only. 
     ///
     /// ```rust
     /// # use sqlx_core::postgres::{PgSslMode, PgConnectOptions};
+    ///
+    /// const KEY: &[u8] = b"\ 
+    /// -----BEGIN PRIVATE KEY-----
+    /// <Private key data here.>
+    /// -----END PRIVATE KEY-----";
+    ///
     /// let options = PgConnectOptions::new()
     ///     // Providing a CA certificate with less than VerifyCa is pointless
     ///     .ssl_mode(PgSslMode::VerifyCa)
-    ///     .ssl_client_key_from_pem(vec![]);
+    ///     .ssl_client_key_from_pem(KEY);
     /// ```
     pub fn ssl_client_key_from_pem(mut self, key: impl AsRef<[u8]>) -> Self {
         self.ssl_client_key = Some(CertificateInput::Inline(key.as_ref().to_vec()));