diff --git a/docs/REFERENCES/brightscript/interfaces/ifhttpagent.md b/docs/REFERENCES/brightscript/interfaces/ifhttpagent.md index e6fb94d0..e575714b 100644 --- a/docs/REFERENCES/brightscript/interfaces/ifhttpagent.md +++ b/docs/REFERENCES/brightscript/interfaces/ifhttpagent.md @@ -99,7 +99,7 @@ A flag indicating whether the HTTP header was successfully set. #### Description -Initializes the object to be sent to the Roku client certificate. +Initializes the Roku device's built-in client certificate for use in mutual TLS (mTLS) authentication. When called, the device will present its Roku-issued client certificate during the TLS handshake (if server requests it), allowing the server to verify that the request originates from a genuine Roku device running your specific app. For backend service verification purposes it is recommended to use [GetDeviceAttestation(nonce as String) as String](https://developer.roku.com/dev/docs/ifchannelstore#getdeviceattestationnonce-as-string-as-string) > The Roku Developer Dashboard includes a link for downloading the [RokuTV Certification Authority](https://developer.roku.com/certificate). This CA can be passed to an app through this function. @@ -328,4 +328,4 @@ Removes all cookies from the cookie cache. video.SetCertificatesFile("pkg:/source/testCA.CRT") video.InitClientCertificates() ``` -6. Test the authentication with and without the code in step 5 above. If any of the three authentication methods above are ommitted you should get access denied. Note that you cannot successfully access the video until you've built a package, uploaded it to the app store, and are running that app via an app code. A sideloaded app does not properly negotiate client certs or send the enforced dev-id value for the x-roku-reserved-dev-id header. \ No newline at end of file +6. Test the authentication with and without the code in step 5 above. If any of the three authentication methods above are ommitted you should get access denied. Note that you cannot successfully access the video until you've built a package, uploaded it to the app store, and are running that app via an app code. A sideloaded app does not properly negotiate client certs or send the enforced dev-id value for the x-roku-reserved-dev-id header.