Update README.md

roblav96 · web-flow · commit 46ec50c485cb · 2016-12-28T17:25:37.000-05:00
diff --git a/README.md b/README.md
@@ -43,6 +43,7 @@ npm run demo.android
 We also recommend adding `"skipLibCheck": true,` to your `tsconfig.json`.
 More information on that can be found [here](https://github.com/NativeScript/NativeScript/tree/master/tns-platform-declarations).
 
+Install the plugin:
 ```bash
 tns plugin add nativescript-https
 ```
@@ -66,7 +67,7 @@ Https.request({
 	console.error('Https.request error', error)
 })
 ```
-### Hitting an API using `POST` method with body
+### Hitting an API using `POST` method with JSON body
 ```typescript
 import * as Https from 'nativescript-https'
 Https.request({
@@ -89,13 +90,43 @@ Https.request({
 })
 ```
 
+## Configuration
+### Installing your SSL certificate
+Create a folder called `certs` in your projects `app` folder like so `project_root/app/certs`. Using chrome, go to the URL where the SSL certificate resides. View the details then drag and drop the certificate image into the `certs` folder.
 
+![Installing your SSL certificate](http://i.imgur.com/hn4duT3.gif)
 
+#### Enabling SSL pinning
+```typescript
+import { knownFolders } from 'file-system'
+import * as Https from 'nativescript-https'
+let dir = knownFolders.currentApp().getFolder('certs')
+let certificate = dir.getFile('wegossipapp.com.cer').path
+Https.enableSSLPinning({ host: 'wegossipapp.com', certificate })
+```
+Once you've enabled SSL pinning you **CAN NOT** re-enable with a different `host` or `certificate` file.
 
+#### Disabling SSL pinning
+```typescript
+import * as Https from 'nativescript-https'
+Https.disableSSLPinning()
+```
 
-
-
-
+#### Pinning Options
+```typescript
+export interface HttpsSSLPinningOptions {
+	host: string
+	certificate: string
+	allowInvalidCertificates?: boolean
+	validatesDomainName?: boolean
+}
+```
+Option | Description
+------------ | -------------
+`host: string` | This must be the top level domain name eg `wegossipapp.com` or `www.wegossipapp.com`.
+`certificate: string` | The uri path to your `.cer` certificate file.
+`allowInvalidCertificates?: boolean` | Default: `false`. This should **always** be `false` if you are using SSL pinning. Set this to `true` if you're using a self-signed certificate.
+`validatesDomainName?: boolean` | Default: `true`. Determines if the domain name should be validated with your pinned certificate.
 
 
 
