From 3848a27d31a9b04c8114d0260c4b9a615d83c8cd Mon Sep 17 00:00:00 2001
From: Maximilian Hils <git@maximilianhils.com>
Date: Wed, 22 Oct 2014 13:59:47 +0200
Subject: fix #378

---
 doc-src/ssl.html | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/doc-src/ssl.html b/doc-src/ssl.html
index 91225d79..16aed1dc 100644
--- a/doc-src/ssl.html
+++ b/doc-src/ssl.html
@@ -41,10 +41,26 @@ The files created by mitmproxy in the .mitmproxy directory are as follows:
 Using a custom certificate
 --------------------------
 
-You can use your own certificate by passing the __--cert__ option to mitmproxy.
+You can use your own certificate by passing the <kbd>--cert</kbd> option to mitmproxy. mitmproxy then uses the provided
+certificate for interception of the specified domains instead of generating a cert signed by its own CA.
 
-The certificate file is expected to be in the PEM format. You can generate
-a certificate in this format using these instructions:
+The certificate file is expected to be in the PEM format.
+You can include intermediary certificates right below your leaf certificate, so that you PEM file roughly looks like
+this:
+
+<pre>
+-----BEGIN PRIVATE KEY-----
+&lt;private key&gt;
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+&lt;cert&gt;
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+&lt;intermediary cert (optional)&gt;
+-----END CERTIFICATE-----
+</pre>
+
+For example, you can generate a certificate in this format using these instructions:
 
 <pre class="terminal">
 > openssl genrsa -out cert.key 8192
-- 
cgit v1.2.3