From 901b5d3df2dd532647b5ce76017019522c914d08 Mon Sep 17 00:00:00 2001
From: Mario Loria <mario@arroyonetworks.com>
Date: Sun, 6 Dec 2015 22:56:04 -0500
Subject: [PATCH] install ca-certificates package because 1.6

---
 Dockerfile |  2 +-
 README.md  | 14 ++++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index d6fcadc..badec89 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,7 +7,7 @@ ENV ZNC_VERSION 1.6.1
 
 RUN apt-get update \
     && apt-get install -y sudo wget build-essential libssl-dev libperl-dev \
-               pkg-config swig3.0 libicu-dev \
+               pkg-config swig3.0 libicu-dev ca-certificates \
     && mkdir -p /src \
     && cd /src \
     && wget "http://znc.in/releases/archive/znc-${ZNC_VERSION}.tar.gz" \
diff --git a/README.md b/README.md
index ce30cf3..cd38a53 100644
--- a/README.md
+++ b/README.md
@@ -84,6 +84,20 @@ Make note of the use of `-i` and `-t` instead of `-d`. This attaches us to the
 container, so we can interact with ZNC's makepass process. With `-d` it would
 simply run in the background.
 
+## A note about ZNC 1.6
+
+Starting with version 1.6, ZNC now requires ssl/tls certificate verification!
+This means that it will *not* connect to your IRC server(s) if they don't
+present a valid certificate. This is meant to help keep you safer from
+MitM attacks.
+
+This image installs the debian/ubuntu `ca-certificates`
+[package](http://packages.ubuntu.com/vivid/ca-certificates) so that servers
+with valid certificates will automatically be connected to ensuring no additional
+user intervention needed. If one of your servers doesn't have a valid fingerprint,
+you will need to connect to your bouncer and respond to `*status`.
+
+See [this](https://mikaela.info/english/2015/02/24/znc160-ssl.html) article for more information.
 
 ## Building It Yourself