diff --git a/README.md b/README.md
index bdc22d8..da439b9 100644
--- a/README.md
+++ b/README.md
@@ -30,6 +30,7 @@ This more complex example demonstrates how to deploy to several environments bas
         deploy-staging:
             image: quay.io/honestbee/drone-kubernetes
             kubernetes_server: ${KUBERNETES_SERVER_STAGING}
+            kubernetes_cert: ${KUBERNETES_CERT_STAGING}
             kubernetes_token: ${KUBERNETES_TOKEN_STAGING}
             deployment: my-deployment
             repo: myorg/myrepo
@@ -43,6 +44,7 @@ This more complex example demonstrates how to deploy to several environments bas
             image: quay.io/honestbee/drone-kubernetes
             kubernetes_server: ${KUBERNETES_SERVER_PROD}
             kubernetes_token: ${KUBERNETES_TOKEN_PROD}
+            # notice: no tls verification will be done, warning will is printed
             deployment: my-deployment
             repo: myorg/myrepo
             container: my-container
@@ -56,10 +58,15 @@ This more complex example demonstrates how to deploy to several environments bas
     drone secret add --image=honestbee/drone-kubernetes \
         your-user/your-repo KUBERNETES_SERVER https://mykubernetesapiserver
 
+    drone secret add --image=honestbee/drone-kubernetes \
+        your-user/your-repo KUBERNETES_CERT <base64 encoded CA.crt>
 
     drone secret add --image=honestbee/drone-kubernetes \
         your-user/your-repo KUBERNETES_TOKEN eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJ...
 
+When using TLS Verification, ensure Server Certificate used by kubernetes API server 
+is signed for SERVER url ( could be a reason for failures if using aliases of kubernetes cluster )
+
 ## To do 
 
 Replace the current kubectl bash script with a go implementation.
diff --git a/update.sh b/update.sh
index 838e2f8..2df92a6 100755
--- a/update.sh
+++ b/update.sh
@@ -18,15 +18,16 @@ fi
 
 kubectl config set-credentials default --token=${KUBERNETES_TOKEN}
 if [ ! -z ${KUBERNETES_CERT} ]; then
-  echo ${KUBERNETES_CERT}} | base64 -d > ca.crt
+  echo ${KUBERNETES_CERT} | base64 -d > ca.crt
   kubectl config set-cluster default --server=${KUBERNETES_SERVER} --certificate-authority=ca.crt
 else
+  echo "WARNING: Using insecure connection to cluster"
   kubectl config set-cluster default --server=${KUBERNETES_SERVER} --insecure-skip-tls-verify=true
 fi
 
 kubectl config set-context default --cluster=default --user=default
 kubectl config use-context default
-  
+
 IFS=',' read -r -a DEPLOYMENTS <<< "$PLUGIN_DEPLOYMENT"
 for DEPLOY in ${DEPLOYMENTS[@]}; do
   echo Deploying to $KUBERNETES_SERVER