Merge pull request #1236 from hypesystem/document-custom-ca-iss1229

Document how to use custom CA in README (#1229)

README.md

@@ -452,12 +452,12 @@ var fs = require('fs')
 var options = {
     url: 'https://api.some-server.com/',
     agentOptions: {
-        'cert': fs.readFileSync(certFile),
-        'key': fs.readFileSync(keyFile),
+        cert: fs.readFileSync(certFile),
+        key: fs.readFileSync(keyFile),
         // Or use `pfx` property replacing `cert` and `key` when using private key, certificate and CA certs in PFX or PKCS12 format:
-        // 'pfx': fs.readFileSync(pfxFilePath),
-        'passphrase': 'password',
-        'securityOptions': 'SSL_OP_NO_SSLv3'
+        // pfx: fs.readFileSync(pfxFilePath),
+        passphrase: 'password',
+        securityOptions: 'SSL_OP_NO_SSLv3'
     }
 };
 
@@ -467,11 +467,23 @@ request.get(options);
 It is able to force using SSLv3 only by specifying `secureProtocol`:
 
 ```javascript
+request.get({
+    url: 'https://api.some-server.com/',
+    agentOptions: {
+        secureProtocol: 'SSLv3_method'
+    }
+});
+```
 
+It is possible to accept other certificates than those signed by generally allowed Certificate Authorities (CAs).
+This can be useful, for example,  when using self-signed certificates.
+To allow a different certificate, you can specify the signing CA by adding the contents of the CA's certificate file to the `agentOptions`:
+
+```javascript
 request.get({
     url: 'https://api.some-server.com/',
     agentOptions: {
-        'secureProtocol': 'SSLv3_method'
+        ca: fs.readFileSync('ca.cert.pem')
     }
 });
 ```