diff --git a/etc/DependencyInstaller.sh b/etc/DependencyInstaller.sh
index 47756712023..4fdc48399b4 100755
--- a/etc/DependencyInstaller.sh
+++ b/etc/DependencyInstaller.sh
@@ -721,6 +721,10 @@ Usage: $0
                                 # Installs dependencies required to run CI
        $0 -nocert
                                 # Disable certificate checks
+                                #    WARNING: Do not use without a good reason,
+                                #    like working around a firewall. This opens
+                                #    vulnerability to man-in-the-middle (MITM)
+                                #    attacks.
 
 EOF
     exit "${1:-1}"
@@ -784,6 +788,9 @@ while [ "$#" -gt 0 ]; do
             export PREFIX="$(realpath $(echo $1 | sed -e 's/^[^=]*=//g'))"
             ;;
         -nocert)
+            echo "WARNING: security certificates for downloaded packages will not be checked. Do not use" >&2
+            echo "         -nocert without a good reason, like working around a firewall. This opens" >&2
+            echo "         vulnerability to man-in-the-middle (MITM) attacks." >&2
             shopt -s expand_aliases
             alias wget="wget --no-check-certificate"
             export GIT_SSL_NO_VERIFY=true