diff --git a/resources/ssl/README b/resources/ssl/README
index 4a44132..6a37b5b 100644
--- a/resources/ssl/README
+++ b/resources/ssl/README
@@ -1,12 +1,25 @@
 If "curl.cainfo" is not set (or you are using PHP older than 5.3.7, where the
 option was introduced), libphutil uses the "default.pem" certificate authority
 bundle when making HTTPS requests with cURL. This bundle is extracted from
 Mozilla's certificates by cURL:
 
   http://curl.haxx.se/docs/caextract.html
 
 If you want to use a different CA bundle (for example, because you use
 self-signed certificates), set "curl.cainfo" if you're using PHP 5.3.7 or newer,
 or create a file (or symlink) in this directory named "custom.pem".
 
 If "custom.pem" is present, that file will be used instead of "default.pem".
+
+If you receive errors using your "custom.pem" file, you can test it directly
+with `curl` by running a command like this:
+
+  curl -v --cacert path/to/your/custom.pem https://phabricator.example.com/
+
+Replace "path/to/your/custom.pem" with the path to your "custom.pem" file,
+and replace "https://phabricator.example.com" with the real URL of your
+Phabricator install.
+
+The initial lines of output from `curl` should give you information about the
+SSL handshake and certificate verification, which may be helpful in resolving
+the issue.