diff --git a/docs/client-certificate-setup.md b/docs/client-certificate-setup.md
index 3e7210f..558d63e 100644
--- a/docs/client-certificate-setup.md
+++ b/docs/client-certificate-setup.md
@@ -43,5 +43,7 @@ on Debian or Ubuntu.)
 To test this see [development-client-certs.md](development-client-certs.md) and
 * From the browser after importing the `testclient1.p12`:
 nagivate to the protected directories.
-* With curl: `curl https://{serverURL}/.well-known/csaf/red/ --cert-type p12 --cert testclient1.p12`
-
+* With curl: `curl https://{serverURL}/.well-known/csaf/red/ --cert-type p12 --cert testclient1.p12`.
+(If the server uses self-signed certifcate one of the following options should be added to the `curl` command:
+`--insecure` to disable the verification,
+`--cacert {CA-Certificate-File}` to pass the CA-Certificate that verifies the server).
\ No newline at end of file