Changelog for fix for #460

cben · cben · commit 03a206ebb309 · 2022-03-22T21:26:05.000+02:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,18 @@ Notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 Kubeclient release versioning follows [SemVer](https://semver.org/).
 
+## Unreleased 4.9.z
+
+### Fixed
+
+- `Config`: fixed parsing of `certificate-authority` or `certificate-authority-data`
+  containing concatenation of several certificates.  Previously, server's cert was checked
+  against only first CA cert, resulting in possible "certificate verify failed" errors.
+
+  An important use case is a chain of root & intermediate cert(s) - necessary when cluster's CA
+  itself is signed by another custom CA.
+  But also helps when you simply concatenate independent certs. (#460, #461, #552)
+
 ## 4.9.2 — 2021-05-30
 
 ### Added
