From 76b468fb23f062946c48609dca730a12b57fedb4 Mon Sep 17 00:00:00 2001
From: Joel Martin <github@martintribe.org>
Date: Thu, 2 Feb 2012 07:05:55 -0600
Subject: [PATCH] Add openssl cert generation procedure to README.

---
 README.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/README.md b/README.md
index 562c4f7..7db1df4 100644
--- a/README.md
+++ b/README.md
@@ -17,6 +17,20 @@ encoding must used to encapsulate the data within UTF-8. Websockify
 uses base64 to encode all traffic to and from the client. This does
 not affect the data between websockify and the server.
 
+### Encrypted WebSocket connections (wss://)
+
+To encrypt the traffic using the WebSocket 'wss://' URI scheme you
+need to generate a certificate for websockify to load. By default websockify
+loads a certificate file name `self.pem` but the `--cert=CERT` option can
+override the file name. You can generate a self-signed certificate using
+openssl. When asked for the common name, use the hostname of the server where
+the proxy will be running:
+
+```
+openssl req -new -x509 -days 365 -nodes -out self.pem -keyout self.pem
+```
+
+
 ### Websock Javascript library