updates

README.md

@@ -4,23 +4,33 @@ This script generates x509 server certificate (with all IPs in SAN) signed by a
 self-signed CA.
 
 ## Purpose
-  - This script will always produce a self-signed x509 certificate in the
-    current path with the IP addresses embedded to x509's SAN.
+
+This script will always produce a self-signed x509 certificate with the IP
+addresses embedded to x509's SAN.
+
 It will also produce a CA certificate and can be used by other services
 which may need to authenticate against this self-signed certificate.
+
 The authentication works in a way that a public CA certificate will be
 used by the client in order to validate the server's certificate.
 
 ## Application
+
 ### Backend requiring x509 running behind reverse proxy
-  - This script has been created in order to ease the Minio's SSE-C
+
+This script has been created in order to ease the Minio's SSE-C
 (Server Side Encryption - Customer provided keys) enablement when
 Minio server is running as a backend behind a reverse proxy like Traefik.
+
 Minio server enables SSE-C only when it detects the x509 certificates.
+
 Traefik running with docker service provider talks to the backend using
-    the IP. The IP usually is not static, hence this script comes handy.
+the IP.
+
+Usually, the IP address is not static, hence this script comes handy.
 
 ## Example usage
+
 ### Minio server with Traefik example
 
 1. Replace ``minio server`` command with the following one:  
@@ -46,6 +56,7 @@ self-signed CA.
 > https://golang.org/src/crypto/x509/root_linux.go
 
 ## Script logic
+
 - generate CA certificate if does not find any
 - always generate server certificate on startup to ensure all IP addresses
   are in x509 SAN
@@ -53,6 +64,7 @@ self-signed CA.
 - regenerate the CA certificate if it finds it has expired
 
 ## Notes
+
 - The CA certificate will be valid for 3650 days (10 years)
 - The server certifcate will be valid for 365 days (1 year)
 - The x509 certs are ECDSA with prime256v1 curve and SHA256 signatures