diff --git a/README.md b/README.md index 7bc86a7..9b563cd 100644 --- a/README.md +++ b/README.md @@ -64,18 +64,18 @@ To enable SSL: The contents of `/path/to/certs` should contain the certificates and private keys for any virtual hosts in use. The certificate and keys should be named after the virtual host with a `.crt` and `.key` extension. For example, a container with `VIRTUAL_HOST=foo.bar.com` should have a -`foo.bar.com.crt` and 'foo.bar.com.key' file in the certs directory. +`foo.bar.com.crt` and `foo.bar.com.key` file in the certs directory. #### Wildcard Certificates -Wildcard certificate and keys should be name after the domain name with a `.crt` and `.key` extension. -For example `VIRTUAL_HOST=foo.bar.com` could also use cert name `bar.com.crt` and `bar.com.key`. +Wildcard certificates and keys should be name after the domain name with a `.crt` and `.key` extension. +For example `VIRTUAL_HOST=foo.bar.com` would use cert name `bar.com.crt` and `bar.com.key`. #### SNI If your certificate(s) supports multiple domain names, you can start a container with `CERT_NAME=` to identify the certificate to be used. For example, a certificate for `*.foo.com` and `*.bar.com` -could be name `shared.crt` and `shared.key`. A container running with `VIRTUAL_HOST=foo.bar.com` +could be named `shared.crt` and `shared.key`. A container running with `VIRTUAL_HOST=foo.bar.com` and `CERT_NAME=shared` will then use this shared cert. #### How SSL Support Works @@ -92,6 +92,6 @@ is always preferred when available. * If the container does not have a usable cert, a 503 will be returned. Note that in the latter case, a browser may get an connection error as no certificate is available -to establish a connection. A self-signed or generic cert can be defined as "default.crt" and "default.key" -which will allow a client browser to make a SSL connection (likely w/ a warning) and subsequently receive -a 503. \ No newline at end of file +to establish a connection. A self-signed or generic cert named `default.crt` and `default.key` +will allow a client browser to make a SSL connection (likely w/ a warning) and subsequently receive +a 503.