From 1a3203b891bd611d2878f345b608cf29b1efcd26 Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Tue, 27 Jan 2015 10:56:23 -0500
Subject: Have the pem public/private key loading docs point to x.509

---
 docs/hazmat/primitives/asymmetric/serialization.rst | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'docs/hazmat')

diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst
index d5da24da..7ff4ce30 100644
--- a/docs/hazmat/primitives/asymmetric/serialization.rst
+++ b/docs/hazmat/primitives/asymmetric/serialization.rst
@@ -71,6 +71,14 @@ don't need to worry about this detail. PEM keys are recognizable because they
 all begin with ``-----BEGIN {format}-----`` and end with ``-----END
 {format}-----``.
 
+.. note::
+
+    A PEM block which starts with ``-----BEGIN CERTIFICATE-----`` is not a
+    public or private key, it's an :doc:`X.509 Certificate </x509>`. You can
+    load it using :func:`~cryptography.x509.load_pem_x509_certificate` and
+    extract the public key with
+    :meth:`Certificate.public_key <cryptography.x509.Certificate.public_key>`.
+
 .. function:: load_pem_private_key(data, password, backend)
 
     .. versionadded:: 0.6
-- 
cgit v1.2.3