diff --git a/README.MD b/README.MD
index a0c9491..59c367f 100644
--- a/README.MD
+++ b/README.MD
@@ -122,7 +122,7 @@ client.connect("127.0.0.1", 25565);
 ### Creating Root-CA:
 ````
 openssl genrsa -out myCA.key 4096
-openssl req -x509 -new -nodes -key myCA.key -sha256 -days 3650 -out myCA.pem
+openssl req -x509 -new -key myCA.key -sha256 -days 365 -out myCA.pem -addtext basicConstraints=critical,CA:TRUE -addtext keyUsage=critical,keyCertSign,cRLSign
 
 myCA.key = private Key for CA (keep secret)
 myCA.pem = public Root-Certificate for signing server and client certificates
@@ -131,7 +131,7 @@ myCA.pem = public Root-Certificate for signing server and client certificates
 ````
 openssl genrsa -out server.key 2048
 openssl req -new -key server.key -out server.csr
-openssl x509 -req -in server.csr -CA myCA.pem -CAkey myCA.key -CAcreateserial -out server.crt -days 825 -sha256
+openssl x509 -req -in server.csr -CA myCA.pem -CAkey myCA.key -CAcreateserial -out server.crt -days 365 -sha256
 
 server.key = private Key for Server
 server.crt = Server-Certificate signed by Root-CA
@@ -140,7 +140,7 @@ server.crt = Server-Certificate signed by Root-CA
 ````
 openssl genrsa -out client.key 2048
 openssl req -new -key client.key -out client.csr
-openssl x509 -req -in client.csr -CA myCA.pem -CAkey myCA.key -CAcreateserial -out client.crt -days 825 -sha256
+openssl x509 -req -in client.csr -CA myCA.pem -CAkey myCA.key -CAcreateserial -out client.crt -days 365 -sha256
 
 client.key = private Key for Client
 client.crt = Client-Certificate signed by Root-CA