From 3eddf5c1733fd5dcfb2b87a065e16f73a6ea4233 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=81ngel=20Gonz=C3=A1lez?= <keisial@gmail.com>
Date: Thu, 10 Dec 2015 23:02:14 +0100
Subject: [PATCH] * doc/wget.texi: add hint for self-signed certificates

---
 doc/wget.texi | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/doc/wget.texi b/doc/wget.texi
index 64cb0563..f3925cab 100644
--- a/doc/wget.texi
+++ b/doc/wget.texi
@@ -1725,9 +1725,12 @@ this option to bypass the verification and proceed with the download.
 site's authenticity, or if you really don't care about the validity of
 its certificate.}  It is almost always a bad idea not to check the
 certificates when transmitting confidential or important data.
-If you are really sure of what you are doing, you can specify
---check-certificate=quiet to tell wget to not print any warning about
-invalid certificates, in most cases this is the wrong thing to do.
+For self-signed/internal certificates, you should download the certificate
+and verify against that instead of forcing this insecure mode.
+If you are really sure of not desiring any certificate verification, you
+can specify --check-certificate=quiet to tell wget to not print any
+warning about invalid certificates, albeit in most cases this is the
+wrong thing to do.
 
 @cindex SSL certificate
 @item --certificate=@var{file}