diff --git a/examples/Dockerfile b/examples/Dockerfile
new file mode 100644
index 00000000..96db0382
--- /dev/null
+++ b/examples/Dockerfile
@@ -0,0 +1,13 @@
+FROM mysql:latest
+
+COPY server.crt /etc/mysql/conf.d/server-cert.pem
+COPY server.key /etc/mysql/conf.d/server-key.pem
+COPY ca.crt /etc/mysql/conf.d/server-ca.pem
+COPY mysql-ssl.cnf /etc/mysql/conf.d/my.cnf
+
+ENV MYSQL_DATABASE=kine
+
+# Here we will need to change the permission for the ssl certs
+RUN chown mysql /etc/mysql/conf.d/server-cert.pem /etc/mysql/conf.d/server-key.pem /etc/mysql/conf.d/server-ca.pem
+
+EXPOSE 3306
diff --git a/examples/generate-certs.sh b/examples/generate-certs.sh
index 5b65e321..33040e00 100755
--- a/examples/generate-certs.sh
+++ b/examples/generate-certs.sh
@@ -1,12 +1,17 @@
 #!/bin/sh
 # Generate self signed root CA cert
-openssl req -nodes -x509 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj "/C=AU/ST=VIC/L=Melbourne/O=Ranch/OU=root/CN=root/emailAddress=sample@sample.com"
+openssl req -new -x509 -days 3650 -config server_openssl.cnf -keyout ca.key -out ca.crt
+# Create a private key for the server
+openssl genrsa -out server.key 2048
-# Generate server cert to be signed
-openssl req -nodes -newkey rsa:2048 -keyout server.key -out server.csr -subj "/C=AU/ST=VIC/L=Melbourne/O=Ranch/OU=root/CN=localhost/emailAddress=sample@sample.com"
+# Generate server CSR with SAN
+openssl req -new -key server.key -out server.csr -config server_openssl.cnf
-# Sign the server cert
-openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt
+# Sign the server CSR with CA
+openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 365 -extfile server_openssl.cnf -extensions v3_req
+# Verify if it's a SAN cert
+# if it's a SAN cert, it should print the SANs
+openssl x509 -in server.crt -text -noout | grep -A1 "Subject Alternative Name"
diff --git a/examples/minimal.md b/examples/minimal.md
index 8b8e071f..60ca0c0e 100644
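Review bot: The server private key is baked into the image by the `COPY server.key /etc/mysql/conf.d/server-key.pem` line, and the later `RUN chown` rewrites all three files into a second layer, so the key is stored twice in the published image and readable by anyone who can pull it. If the example must ship the material in the image, `COPY --chown=mysql:mysql --chmod=0600 server.key /etc/mysql/conf.d/server-key.pem` (BuildKit syntax) sets owner and mode in the copy layer itself and makes the chown step unnecessary; otherwise keep the previous approach of mounting the directory at run time (`-v $PWD:/etc/mysql/conf.d`, as the old minimal.md did) so no key ever enters a layer. `FROM mysql:latest` is unpinned, so rebuilds of the example are not reproducible; pin a major tag (for instance `mysql:8.0`, a constructed value) and note in a comment that the certs are example material only.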
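Review bot: The server CSR built on the `openssl req -new -key server.key -out server.csr -config server_openssl.cnf` line takes its subject from the same `[ req_distinguished_name ]` (with `prompt = no`) that the CA line used, so the issued server.crt has the subject `CN = My CA`, identical to the CA certificate's subject. MySQL's documentation states that the server certificate's Common Name must differ from the CA's Common Name for servers built against OpenSSL, and a non-self-signed certificate whose subject equals its issuer also confuses some chain builders; give the server its own DN, e.g. `openssl req -new -key server.key -out server.csr -config server_openssl.cnf -subj "/C=AU/ST=VIC/L=Melbourne/O=Ranch/CN=localhost"`. The same defect is rooted in the server_openssl.cnf hunk, which provides only the one DN section. Dropping the old `-nodes` also means the CA `openssl req` now prompts for a passphrase and the `openssl x509 -req -CAkey ca.key` step prompts for it again, making the script interactive; if an encrypted CA key is intended, say so in the comment above that line, otherwise restore `-nodes`.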
--- a/examples/minimal.md
+++ b/examples/minimal.md
@@ -1,115 +1,42 @@ -## Minimal example of using kine -The following example uses kine with a mysql database for persistence. +# Minimal example of using kine + +The following example uses kine with a `mysql` database for persistence. A sample script is available to generate certs [here](generate-certs.sh) +But you also will need to use `SAN` instead of `CN` +We have a example of the files you will need to generate the certs for the [server](server_openssl.cnf) -We can run mysql on a host: +We can run `mysql` on a host using `docker` [here](Dockerfile) +you will also need the `cnf` file [here](mysql-ssl.cnf) +```bash +docker build -t mysql-kine . ``` -docker run --name kine-mysql -v $PWD:/etc/mysql/conf.d -p 3306:3306 -e MYSQL_DATABASE=kine -e MYSQL_ROOT_PASSWORD=$PASSWORD -d mysql:latest -``` - -This will start mysql db with ssl enabled for client connections. - -A sample script is available to generate certs [here](generate-certs.sh) -Run kine on the same host as mysql database: -``` -kine --endpoint "mysql://root:$PASSWORD@tcp(localhost:3306)/kine" --ca-file ca.crt --cert-file server.crt --key-file server.key +```bash +docker run --name kine-mysql -p 3306:3306 -e MYSQL_ROOT_PASSWORD=$PASSWORD -d mysql-kine ``` -This will expose the mysql db as an etcd endpoint. +this will start `mysql` db with everything you will need. -### Using with RKE -Use the following RKE cluster.yml sample to boot up the cluster. +## Running kine standalone -RKE supports using an external etcd endpoint. 
+Run kine on the same host as `mysql` database: +```bash +kine --endpoint "mysql://root:$PASSWORD@tcp(localhost:3306)/kine" +--ca-file ca.crt --cert-file server.crt --key-file server.key ``` -nodes: - - address: 1.1.1.1 - user: ubuntu - role: - - controlplane - - worker - - address: 2.2.2.2 - user: ubuntu - role: - - controlplane - - worker -cluster_name: "kine-demo" -network: - plugin: canal -ignore_docker_version: true -services: - etcd: - path: / - external_urls: - - http://kine:2379 - ca_cert: |- - -----BEGIN CERTIFICATE----- - - -----END CERTIFICATE----- - cert: |- - -----BEGIN CERTIFICATE----- - Cert - -----END CERTIFICATE----- - key: |- - -----BEGIN RSA PRIVATE KEY----- - -----END RSA PRIVATE KEY----- -``` +This will expose the `mysql` db as an `etcd` endpoint. -## Using with kubeadm +## Using with k3s -You can use the following sample kubeadm-master.cfg to launch a cluster with kine. +You can use the following command to launch a `k3s` server with kine. +```bash +k3s server --datastore-endpoint "mysql://root:$PASSWORD@tcp(localhost:3306)/kine" +--datastore-cafile ca.crt --datastore-certfile server.crt --datastore-keyfile server.key ``` -apiVersion: kubeadm.k8s.io/v1beta2 -bootstrapTokens: -- groups: - - system:bootstrappers:kubeadm:default-node-token - token: abcdef.0123456789abcdef - ttl: 24h0m0s - usages: - - signing - - authentication -kind: InitConfiguration -localAPIEndpoint: - advertiseAddress: 0.0.0.0 - bindPort: 6443 -nodeRegistration: - criSocket: /var/run/dockershim.sock - name: kubeadm - taints: - - effect: NoSchedule - key: node-role.kubernetes.io/master ---- -apiServer: - timeoutForControlPlane: 4m0s -apiVersion: kubeadm.k8s.io/v1beta2 -certificatesDir: /etc/kubernetes/pki -clusterName: kubernetes -controllerManager: {} -dns: - type: CoreDNS -imageRepository: registry.k8s.io -kind: ClusterConfiguration -kubernetesVersion: v1.17.0 -networking: - dnsDomain: cluster.local - serviceSubnet: 10.96.0.0/12 -scheduler: {} -controlPlaneEndpoint: 
"0.0.0.0:6443" -etcd: - external: - endpoints: - - http://kine:2379 - caFile: ./ca.crt - certFile: ./server.crt - keyFile: ./server.key -``` - -The cluster can then be launched as -`kubeadm init --config kubeadm-master.cfg --ignore-preflight-errors ExternalEtcdVersion` +And that's it! You can now use `k3s` with `mysql` as a db.
diff --git a/examples/mysql-ssl.cnf b/examples/mysql-ssl.cnf
index 37599efa..5ece5071 100644
--- a/examples/mysql-ssl.cnf
+++ b/examples/mysql-ssl.cnf
@@ -1,5 +1,5 @@
 [mysqld]
-ssl-ca=/etc/mysql/conf.d/ca.crt
-ssl-cert=/etc/mysql/conf.d/server.crt
-ssl-key=/etc/mysql/conf.d/server.key
+ssl-ca=/etc/mysql/conf.d/server-ca.pem
+ssl-cert=/etc/mysql/conf.d/server-cert.pem
+ssl-key=/etc/mysql/conf.d/server-key.pem
 require_secure_transport=ON
diff --git a/examples/server_openssl.cnf b/examples/server_openssl.cnf
new file mode 100644
index 00000000..9b1b7de1
--- /dev/null
+++ b/examples/server_openssl.cnf
@@ -0,0 +1,30 @@
+[ req ]
+default_bits = 2048
+prompt = no
+default_md = sha256
+distinguished_name = req_distinguished_name
+req_extensions = req_ext
+x509_extensions = v3_ca
+
+[ req_distinguished_name ]
+C = AU
+ST = VIC
+L = Melbourne
+O = Ranch
+OU = CA
+CN = My CA
+
+[ req_ext ]
+subjectAltName = @alt_names
+
+[ v3_ca ]
+subjectAltName = @alt_names
+basicConstraints = critical,CA:TRUE
+keyUsage = critical,digitalSignature,keyCertSign
+
+[ v3_req ]
+subjectAltName = @alt_names
+
+[ alt_names ]
+DNS.1 = localhost
+DNS.2 = example.com
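Review bot: `[ v3_req ]`, which generate-certs.sh applies to the server certificate through `-extensions v3_req`, contains only `subjectAltName`, so the issued leaf carries no `basicConstraints`, `keyUsage` or `extendedKeyUsage` and nothing marks it as an end-entity certificate as opposed to the CA it shares a subject with. Add `basicConstraints = critical,CA:FALSE`, `keyUsage = critical,digitalSignature,keyEncipherment` and `extendedKeyUsage = serverAuth` under `[ v3_req ]` so verifiers can reject the leaf for signing and stricter clients accept it for TLS server use. `subjectAltName` under `[ v3_ca ]` serves no purpose on a CA certificate and can be dropped. `DNS.2 = example.com` is a reserved documentation name and safe as is, but a comment such as `# replace with the hostname clients will connect to` above `[ alt_names ]` would stop users shipping the sample values.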