diff --git a/README.md b/README.md
index 956c4fa..4898b04 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,31 @@
 Checklist:
 
 - [x] Setup a random IPv6 for the web server
-- [x] [CAA record](https://letsencrypt.org/docs/caa/)
\ No newline at end of file
+- [x] [CAA record](https://letsencrypt.org/docs/caa/)
+
+To issue a certificate:
+
+1. Set certificates in your server .conf to this:
+   ```
+   ssl_certificate /etc/nginx/snakeoil.pem;
+   ssl_certificate_key /etc/nginx/snakeoil.key;
+   ```
+
+3. Issue the certificate:
+   ```
+   docker compose exec acme mkdir /etc/ssl/<domain>
+   docker compose exec acme --issue --server letsencrypt -d <domain> --webroot /var/www/html/<domain>
+   docker compose exec acme --install-cert -d <domain> --key-file /etc/ssl/<domain>/key.pem --fullchain-file /etc/ssl/<domain>/fullchain.pem
+   ```
+
+4. Set certificates in your server .conf to this:
+   ```
+   ssl_certificate /etc/ssl/<domain>/fullchain.pem;
+   ssl_certificate_key /etc/ssl/<domain>/key.pem;
+   ```
+
+5. Restart nginx:
+   ```
+   docker compose exec nginx nginx -s reload
+   ```
+   You have to do this (or restart) every up to 3 months.
\ No newline at end of file