diff --git a/Falco-Configuration.md b/Falco-Configuration.md index 1e92571..41ffba8 100644 --- a/Falco-Configuration.md +++ b/Falco-Configuration.md @@ -94,4 +94,17 @@ a list containing these sub-keys: * `enabled: [true|false]`: if true, falco will start an embedded webserver to accept k8s audit events * `listen_port`: The port on which to listen for k8s audit events. Default 8765. * `k8s_audit_endpoint`: The uri on which to listen for k8s audit events. Default `/k8s_audit`. +* `ssl_enabled`: If true, the embedded webserver will use SSL for incoming connections. Default `false`. +* `ssl_certificate`: A path to a combination SSL certificate for the embedded webserver. Default `/etc/falco/falco.pem`, although falco does not actually ship with any certificate. + +The SSL Options are new in 0.14.0. + +The ssl_certificate is a combination SSL Certificate and corresponding +key contained in a single file. You can generate a key/cert as follows: + +```$ openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem +$ cat certificate.pem key.pem > falco.pem +$ sudo cp falco.pem /etc/falco/falco.pem``` + +
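Review bot: the key generation steps at the end of the hunk produce an unencrypted private key (`-nodes`) and copy it into `/etc/falco/falco.pem` with a plain `sudo cp`, and nothing in the added text tells the reader to restrict access to that file. Because `falco.pem` holds the key as well as the certificate, I would add a step that sets ownership and a restrictive mode on it (for example `sudo chmod 600 /etc/falco/falco.pem`) and a sentence saying that the intermediate `key.pem` should be removed or protected the same way. It is also worth stating that `-x509 -days 365` yields a self-signed certificate that expires after a year, so whatever sends audit events to this endpoint has to be configured to trust it and the file has to be regenerated before then. Separately, the code fence is malformed: the opening fence shares a line with the first command (the line starting with three backticks followed by `$ openssl req`), and the closing fence is attached to the end of the `sudo cp` line, so the first command is parsed as the fence's info string and the block never closes cleanly. Put both fences on their own lines. Minor: the prose uses `ssl_certificate` without backticks in "The ssl_certificate is a combination", unlike the bullet above it.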