diff --git a/docs/consul.org b/docs/consul.org
index fcc97bf..98a456c 100644
--- a/docs/consul.org
+++ b/docs/consul.org
@@ -8,8 +8,11 @@ agenix -i ~/.ssh/id_reykjavik -d consul.d/consul-agent-ca-key.pem.age > ~/tmp/co
 #+end_src
 Create the keypair using consul:
 #+begin_src bash
-nix-shell -p consul
-consul tls cert create -server -dc samfelag
+NIXPKGS_ALLOW_UNFREE=1 nix-shell -p consul
+# Server cert
+consul tls cert create -server -dc samfelag --ca=/home/marc/tmp/consul-agent-ca.pem --key=/home/marc/tmp/consul-agent-ca-key.pem
+# Client cert
+consul tls cert create -client -dc samfelag --ca=/home/marc/tmp/consul-agent-ca.pem --key=/home/marc/tmp/consul-agent-ca-key.pem
 #+end_src
 * ACLs
 ** Policies