From 7a2c67cf53da9cf5d7e508340fb353f6a1c25c37 Mon Sep 17 00:00:00 2001
From: Eric Bickle <ebickle@users.noreply.github.com>
Date: Fri, 8 May 2020 07:37:50 -0700
Subject: [PATCH] doc: correct tls.rootCertificates to match implementation

Update tls.rootCertificates documentation to clarify that it returns
the bundled Node.js root certificates rather than the root certificates
used by tls.createSecureContext.

Fixes: https://github.com/nodejs/node/issues/32074
Refs: https://github.com/nodejs/node/issues/32229

PR-URL: https://github.com/nodejs/node/pull/33313
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 doc/api/tls.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/doc/api/tls.md b/doc/api/tls.md
index d464e1186ebc5e..2c6a49ac5f84ae 100644
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@@ -1791,8 +1791,10 @@ added: v12.3.0
 * {string[]}
 
 An immutable array of strings representing the root certificates (in PEM format)
-used for verifying peer certificates. This is the default value of the `ca`
-option to [`tls.createSecureContext()`][].
+from the bundled Mozilla CA store as supplied by current Node.js version.
+
+The bundled CA store, as supplied by Node.js, is a snapshot of Mozilla CA store
+that is fixed at release time. It is identical on all supported platforms.
 
 ## `tls.DEFAULT_ECDH_CURVE`
 <!-- YAML