diff --git a/docs/guide/server_ssl.textile b/docs/guide/server_ssl.textile
new file mode 100644
index 0000000000000000000000000000000000000000..748d74d53f17fe9e1b7caff76eb424393ebc8010
--- /dev/null
+++ b/docs/guide/server_ssl.textile
@@ -0,0 +1,38 @@
+To configure SSL support for Spectrum2 in server mode, you have to generate server-side certificate, convert it to PKCS#12 format and configure path to it in Spectrum 2 config file.
+
+This article describes how to generate self-signed server certificate and use it in Spectrum 2.
+
+h2. Setup your own CA (Certificate Authority)
+
+<pre>
+$ openssl genrsa -des3 -out my-ca.key 2048
+$ openssl req -new -x509 -days 3650 -key my-ca.key -out my-ca.crt
+</pre>
+
+h2. Make a key and a certificate for the server
+
+* When prompted for "Common Name (eg, your name or your server's hostname) []:", add the hostname/JID of your transport (for example "localhost").
+* When prompted for "A challenge password []:", *do not* set it.
+
+<pre>
+$ openssl genrsa -des3 -out spectrum2-server.key 1024
+$ openssl req -new -key spectrum2-server.key -out spectrum2-server.csr
+$ openssl x509 -req -in spectrum2-server.csr -out spectrum2-server.crt -sha1 -CA my-ca.crt -CAkey my-ca.key -CAcreateserial -days 3650
+</pre>
+
+h2. Convert server key and certficate to PKCS#12 format
+
+When generating pkcs12 file, *do not* set the Export password. Spectrum 2 currently doesn't parse pkcs12 certificates with password.
+
+<pre>
+$ openssl pkcs12 -export -in spectrum2-server.crt -inkey spectrum2-server.key -out spectrum2-server.p12
+</pre>
+
+h2. Set path to certificate in config file
+
+Set the path to cert and configure certificate password if you set one for the pkcs12 file.
+<pre>
+[service]
+...
+cert=/etc/spectrum2/certificates/spectrum2-server.p12
+</pre>