From 858370e49c8ae887cc54d6e2975e4e31eaa68b4e Mon Sep 17 00:00:00 2001
From: AJ ONeal <awesome@coolaj86.com>
Date: Mon, 13 Jul 2015 13:38:02 -0600
Subject: [PATCH] Update README.md

---
 README.md | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/README.md b/README.md
index 4746291..6956a06 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,38 @@
+IMPORTANT: Try this first
+=========
+
+2015-Aug-22: I just discovered that the most common reason you would have the kind of problems this module solves is actually due to failing to properly bundle the Intermediate CAs with the server certificate.
+
+```js
+// Consider this:
+var server https.createServer({
+  key: fs.readFileSync('privkey.pem', 'ascii')
+, cert: fs.readFileSync('cert.pem', 'ascii')
+});
+```
+
+Should probably be
+
+```js
+// Consider this:
+var server https.createServer({
+  key: fs.readFileSync('privkey.pem', 'ascii')
+, cert: fs.readFileSync('bundle.pem', 'ascii')
+});
+```
+
+Example `bundle.pem`
+
+```
+cat \
+ cert.pem \
+ intermediate-twice-removed.pem \
+ interemediate-once-removed.pem \
+ > bundle.pem
+```
+
+However, if you **need to add a non-standard Root CA**, then this is still the right module for you.
+
 SSL Root CAs
 =================