diff --git a/README.md b/README.md index 9fab863ba..7cef9a455 100644 --- a/README.md +++ b/README.md @@ -105,6 +105,39 @@ init 3 --- +## Custom SSL Certificate + +If you want to use your own certificate, then replace both `/etc/enigma2/key.pem` and `/etc/enigma2/cert.pem` with your own key and cert, in PEM format. + +Restart Enigma2 after replacing those files. + +### Using your own CA + +You can also put the ca cert as `/etc/enigma2/ca.pem` and enable HTTPS Client Cert auth in settings you can even login using Client certs signed by the same CA auth. + +It doesn't bypass the password login yet and you should of course use your own CA, because else any client with a key signed by that CA auth can login, as there is no option to limit access to certain users (yet, and probably newer will be). + +See also #215 + +### Problems with a custom Certificate + +Creating key and cert is beyond the scope of this readme. +I found [Ivan Ristić's openssl cookbook](https://www.feistyduck.com/books/openssl-cookbook/) helpful. + +FWIW, an `ecparam` `secp384r1` key and a `ecdsa-with-SHA256` cert with 4 SAN worked just fine on the following; + +```bash +root@vuduo4kse:~# date ; cat /etc/os-release +Wed Nov 29 22:58:24 CET 2023 +ID=openbh +NAME="openbh" +VERSION="5.1" +VERSION_ID=5.1 +PRETTY_NAME="openbh 5.1" +``` + +--- + ## Development Information See what's been happening, check out the [OpenWebif changelog](CHANGES.md)
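Review bot: In the "Using your own CA" section the security caveat is hard to act on, because the two paragraphs read as contradictory: the first says you can "login using Client certs signed by the same CA auth", the second says "It doesn't bypass the password login yet" and then that "any client with a key signed by that CA auth can login". Please state explicitly whether a valid client certificate is required in addition to the password or is sufficient on its own. The warning to use a private CA should also move to the front of the section as its own sentence, since trusting a CA in `/etc/enigma2/ca.pem` admits every certificate that CA has issued. In the same paragraph, "newer will be" should be "never will be", and the first sentence is a run-on that needs a break after "in settings". "See also #215" will not turn into a link inside a repository file, so use the full issue URL. The heading "Problems with a custom Certificate" does not match its content, which is about creating the key and cert and a known-good configuration; something like "Creating a key and certificate" would fit better. The fenced block tagged `bash` is terminal output rather than a script, so a plain or `text` fence is more accurate. Finally, since the first section tells users to replace `/etc/enigma2/key.pem`, consider adding a line that the private key file should stay readable by root only.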