Install guide notes that snakeoil certs break browser uploads.

You know, with all the usual caveats that users theoretically control
what certs their browser does and doesn't trust, etc.  No issue #.

diff --git a/doc/install/install-manual-prerequisites.html.textile.liquid b/doc/install/install-manual-prerequisites.html.textile.liquid
index 3087514c1236fc3b1011545b5e4b6f5d5660a92f..bca1699c0331929ee8fb7a54eb76b2815c5c22b8 100644 (file)
--- a/doc/install/install-manual-prerequisites.html.textile.liquid
+++ b/doc/install/install-manual-prerequisites.html.textile.liquid
@@ -83,7 +83,15 @@ You may also use a different method to pick the unique identifier. The unique id
 
 h2. SSL certificates
 
-There are six public-facing services that will require an SSL certificate. If you do not have official SSL certificates, you can use self-signed certificates. By convention, we use the following hostname pattern:
+There are six public-facing services that require an SSL certificate. If you do not have official SSL certificates, you can use self-signed certificates.
+
+{% include 'notebox_begin' %}
+
+Users will probably not be able to upload data through Workbench if you use self-signed certificates.  Web browsers will not upload data unless they can verify the authenticity of the API server and Keepproxy SSL certificates.
+
+{% include 'notebox_end' %}
+
+By convention, we use the following hostname pattern:
 
 <div class="offset1">
 table(table table-bordered table-condensed).