Changes in README to adapt the passphrase input

README

@@ -97,12 +97,28 @@ In order to use ARC, a grid certificate is necessary. More information
 about grid certificates in general and how to get them can be found on
 http://www.nordugrid.org/documents/certificate_howto.html
 
-For this technology preview, only the certificates without password
-can be used (both the client side and server side). Certificates with
-password (for client side) will be supported when certificate
-delegation is available.
 
-For testing purposes, an "untrusted" certificate can be generated by
+Please make sure correctly configure the certificates on client and service 
+sides. The configuration about certificate for MCCTLS in the service.xml 
+should like this:  
+      <KeyPath>./key.pem</KeyPath>
+      <CertificatePath>./cert.pem</CertificatePath>
+      <CACertificatePath>./ca.pem</CACertificatePath>
+or this:
+      <KeyPath>/etc/grid-security/hostkey.pem</KeyPath>
+      <CertificatePath>/etc/grid-security/hostcert.pem</CertificatePath>
+      <CACertificatesDir>/etc/grid-security/certificates</CACertificatesDir>
+Note if you configure <CACertificatePath>, that implicitly means the certificates
+for client and service sides are signed by one specific CA.
+The key file can be with or without passphrase.
+
+If you would test ARC with TLS support, the certificate generated by yourself ("untrusted"
+certificate) is recommended; or you can also use some certificate genertated by authorized CA, 
+such as NorduGrid CA. 
+For testing, you can use the same certificates for the client and service sides.
+
+
+For testing purposes, an "untrusted" self-signed certificate can be generated by
 the following commands:
 
   openssl genrsa 1024 > key.pem