diff --git a/README.md b/README.md index ebe7aee..25942fe 100644 --- a/README.md +++ b/README.md 
@@ -64,20 +64,64 @@ script in the following Linux distributions: ``/etc/ssl/certs/ca-certificates.crt`` file; 3. Restart Traefik. -> With the Step 1. Minio server will get the certificate it needs, hence SSE-C -> will be enabled. - -> Steps 2. and 3. will need to be repeated each time you get a new CA -> certificate. -> These steps can be automated this way: -> Start Traefik with this command: -> ``sh -c "update-ca-certificates && traefik"`` -> while ``/usr/local/share/ca-certificates`` container path is mounted from the -> host with the CA certificate produced by this script. - -> I am using Alpine Traefik image, the correct ca certificates path is -> ``/usr/local/share/ca-certificates/``, otherwise one of these -> https://golang.org/src/crypto/x509/root_linux.go +With the Step 1. Minio server will get the certificate it needs, hence SSE-C +will be enabled. + +Steps 2. and 3. will need to be repeated each time you get a new CA +certificate. +These steps can be automated this way: +Start Traefik with this command: +``sh -c "update-ca-certificates && traefik"`` +while ``/usr/local/share/ca-certificates`` container path is mounted from the +host with the CA certificate produced by this script. 
+ +I am using Alpine Traefik image, the correct ca certificates path is +``/usr/local/share/ca-certificates/``, otherwise one of these +https://golang.org/src/crypto/x509/root_linux.go + +- ``docker-compose.yml`` example with the gencert script: + +``` +version: '3' + +networks: + oasis: {} + +services: + minio: + restart: unless-stopped + image: minio/minio + networks: + - oasis + volumes: + - /srv/data/minio:/data + - /srv/data/minio/start/gencert.sh:/gencert.sh:ro + entrypoint: sh -c "cd /root/.minio/certs && /gencert.sh --cn minio.example.com && minio server /data" + environment: + - "MINIO_ACCESS_KEY=redacted" + - "MINIO_SECRET_KEY=redacted" + labels: + - "traefik.enable=true" + - "traefik.frontend.rule=Host: minio.example.com" + - "traefik.frontend.passHostHeader=true" + - "traefik.port=9000" + + traefik: + restart: unless-stopped + image: traefik:1.6-alpine + volumes: + - /srv/data/traefik/acme:/etc/traefik/acme + - /srv/data/traefik/traefik.toml:/etc/traefik/traefik.toml:ro + - /var/run/docker.sock:/var/run/docker.sock:ro # listen to the Docker events. + - /srv/data/traefik/ca-certs:/usr/local/share/ca-certificates:ro + command: sh -c "update-ca-certificates && traefik" + networks: + - oasis + ports: + - "127.0.0.1:8080:8080" + - "80:80" + - "443:443" +``` ### Drawbacks
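Review bot: In the added ``docker-compose.yml`` example, the minio entrypoint runs ``/gencert.sh`` inside ``/root/.minio/certs``, which is not a mounted volume, while the traefik service reads CA certificates from the host path ``/srv/data/traefik/ca-certs``. Nothing in the example connects the two, so the CA certificate the script produces never reaches ``/usr/local/share/ca-certificates`` in the Traefik container. Suggest mounting a host directory at ``/root/.minio/certs`` in the minio service, or documenting the copy step, so the generated files persist and the CA can be exposed to traefik. Since the entrypoint calls the script on every container start, the README should also say whether gencert.sh reuses an existing CA; if it does not, each minio restart yields a new CA and Traefik keeps trusting the old one until it is restarted and ``update-ca-certificates`` runs again, which is the repetition of Steps 2. and 3. that the text above says this setup automates. Separately, the ``:ro`` flag on ``/var/run/docker.sock`` does not limit what can be requested through the socket, so a short note that Traefik still has full access to the Docker API would help readers who copy this file.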