From 1b55ea26eed0b2d0aa47f5a0527a0629468c827b Mon Sep 17 00:00:00 2001
From: dbpatterson <dbpatterson@riseup.net>
Date: Sun, 12 Jul 2009 17:21:55 -0400
Subject: [PATCH] troubleshooting info for Rpxnow

---
 README | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/README b/README
index c953cbb8..219baebf 100644
--- a/README
+++ b/README
@@ -1 +1,10 @@
 Authentication methods for Haskell web applications.
+
+Note for Rpxnow: 
+By default on some (all?) installs wget does not come with root certificates for SSL. 
+If this is the case then Web.Authenticate.Rpxnow.authenticate will fail as wget cannot establish a secure connection to rpxnow's servers.
+
+A simple *nix solution, if potentially insecure (man in the middle attacks as you are downloading the certs) is to grab a copy of the certs extracted from those that come with firefox, hosted by CURL at http://curl.haxx.se/ca/cacert.pem , put them somewhere (for ex, ~/.wget/cacert.pem) and then edit your ~/.wgetrc to include: 
+ca_certificate=~/.wget/cacert.pem
+
+This should fix the problem.
\ No newline at end of file