diff --git a/hack/tls-setup/README.md b/hack/tls-setup/README.md
index b5398435e..209f7a22c 100644
--- a/hack/tls-setup/README.md
+++ b/hack/tls-setup/README.md
@@ -5,5 +5,27 @@ Defaults generate an ECDSA-384 root and leaf certificates for `localhost`. etcd
 **Instructions**
 
 1. Install git, go, and make
-2. Run `make` to generate the certs
-3. Run `goreman start`
+2. Amend https://github.com/coreos/etcd/blob/master/hack/tls-setup/config/req-csr.json - IP's currently in the config should be replaced/added to with IP addresses of each node in your cluster, please note 127.0.0.1 is always required for loopback purposes:
+```json
+Example:
+{
+  "CN": "etcd",
+  "hosts": [
+    "3.8.121.201",
+    "46.4.19.20",
+    "127.0.0.1"
+  ],
+  "key": {
+    "algo": "ecdsa",
+    "size": 384
+  },
+  "names": [
+    {
+      "O": "autogenerated",
+      "OU": "etcd cluster",
+      "L": "the internet"
+    }
+  ]
+}
+```
+3. Run `make` to generate the certs