Un-cherry-pick -invalidcert section (#308)

ampproject · May 13, 2019 · fadd618 · fadd618
1 parent 9d63e83
commit fadd618
Showing 1 changed file with 0 additions and 15 deletions.
diff --git a/README.md b/README.md
@@ -161,21 +161,6 @@ that:
    possible for attackers to exploit it without intercepting the network path,
    for up to 7 days.
 
-#### Testing productionization without a valid certificate
-
-It is possible to test an otherwise fully production configuration without
-obtaining a certificate with the `CanSignHttpExchanges` extension. `amppkg`
-still needs to perform OCSP verification, so the Issuer CA must be valid (i.e. no
-self-signed certificates). e.g. You can use a certificate from [Let's Encrypt](https://letsencrypt.org/).
-
-Running `amppkg` with the `-invalidcert` flag will skip the check for
-`CanSignHttpExchanges`. This flag is not necessary when using the
-`-development` flag.
-
-Chrome can be configured to allow these invalid certificates with the
-*Allow Signed HTTP Exchange certificates without extension* experiment:
-chrome://flags/#allow-sxg-certs-without-extension
-
 #### Redundancy
 
 If you need to load balance across multiple instances of `amppkg`, you'll want