From 2fcf171e64ebd3916d5c70df6b8acd42d028ba9a Mon Sep 17 00:00:00 2001
From: Mohammed Al Sahaf <mohammed@caffeinatedwonders.com>
Date: Mon, 6 Apr 2026 01:03:15 +0300
Subject: [PATCH] Apply suggestion from @mohammed90

---
 modules/caddytls/capools.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/modules/caddytls/capools.go b/modules/caddytls/capools.go
index 44639f212..c275f7d6f 100644
--- a/modules/caddytls/capools.go
+++ b/modules/caddytls/capools.go
@@ -821,10 +821,12 @@ func (scp SystemCAPool) CertPool() *x509.CertPool {
 	return scp.pool
 }
 
+// The `combined` pool type merges multiple pools. The `sources` pools must implement the
+// `CertificateProvider` interface, which allows them to export their certificate set.
+//
 // Note: SystemCAPool does not implement CertificateProvider because
 // x509.SystemCertPool() doesn't expose its certificates, so it cannot
 // be used as a source in CombinedCAPool.
-
 type CombinedCAPool struct {
 	// The CA pool sources to combine. Each source is a CA pool provider module.
 	SourcesRaw []json.RawMessage `json:"sources,omitempty" caddy:"namespace=tls.ca_pool.source inline_key=provider"`