diff --git a/README.md b/README.md index 738402c..07695eb 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,8 @@ step ca init --ssh --acme ## SSH Certificates +### Server + Use step-ca to sign an existing public key to produce a signed certificate with some principals on it. ``` @@ -41,4 +43,17 @@ TrustedUserCAKeys /etc/ssh/ssh_user_ca.pub HostKey /etc/ssh/ssh_host_ed25519_key HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub EOF -``` \ No newline at end of file +``` + +``` +systemctl reload sshd +``` + +### Client + +``` +step ssh certificate --sign \ +--principal root --principal john \ +--provisioner admin \ +john@john-pc-ubuntu ~/.ssh/id_ed25519.pub +```
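Review bot: The new "### Server" heading in the first hunk sits directly above the sentence "Use step-ca to sign an existing public key...", which does not say whose key is being signed. Since the block that follows configures `HostKey` and `HostCertificate`, consider saying in that sentence that this is the host key of the sshd machine, so readers can tell it apart from the user-key signing under "### Client".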
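Review bot: The "### Client" example in the second hunk requests `--principal root` alongside `--principal john` with no explanatory text. The server config shown only sets `TrustedUserCAKeys`, so a certificate carrying the `root` principal would be accepted for root logins on every host that trusts this CA. Suggest dropping `root` from the default example or adding a sentence on when it is appropriate. It would also help to introduce the command with one line saying it signs the user's existing `~/.ssh/id_ed25519.pub`. Separately, the added `systemctl reload sshd` step has no config check before it. Running `sshd -t` first would catch a typo in the `HostCertificate` or `TrustedUserCAKeys` lines before the daemon re-reads the file.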