Updated Settings (markdown)

Settings.md

@@ -22,9 +22,22 @@ Allow the usage of CSharpCodeMatcher, default is not allowed because it can be d
 ### CertificateSettings
 By default, the .NETStandard version from WireMock.Net can use the default .NET self-signed development certificate. See [HTTPS-SSL](https://github.com/WireMock-Net/WireMock.Net/wiki/Using-HTTPS-%28SSL%29#net-standard--net-core) for more info.
 
-However, it's also possible to use your own certificate, which can use defined in the Certificate Store or in a `.pfx` file.
+However, it's also possible to use your own certificate by configuring appropriate values for the `CertificateSettings`.
+The following methods are supported: 
+
+- Using the Certificate Store  
+- Loading a PFX certificate from the file system  
+- Utilizing an in-memory `X509Certificate2` instance
+
+Note that:
+- X509StoreName and X509StoreLocation should be defined
+- OR
+- X509CertificateFilePath and X509CertificatePassword should be defined
+- OR 
+- X509Certificate should be defined
+
+#### SSL Certficate from Certificate Store
 
-To configure this you need to define the correct values for the `CertificateSettings`. See example below:
 ``` c#
 var server = WireMockServer.Start(new WireMockServerSettings
 {
@@ -33,12 +46,9 @@ var server = WireMockServer.Start(new WireMockServerSettings
     {
         X509StoreName = "My",
         X509StoreLocation = "CurrentUser",
-        X509StoreThumbprintOrSubjectName = "FE16586076A8B3F3E2F1466803A6C4C7CA35455B" // This can be a Thumbprint, SubjectName or null
+        // X509StoreThumbprintOrSubjectName can be a Thumbprint, SubjectName or null
-
+        X509StoreThumbprintOrSubjectName = "FE16586076A8B3F3E2F1466803A6C4C7CA35455B"
-        // X509CertificateFilePath = "example.pfx",
-        // X509CertificatePassword = "wiremock"
     }
-
 });
 ```
 
@@ -46,13 +56,42 @@ Where
 * `X509StoreName` = The Certificate StoreName. One of: AddressBook, AuthRoot, CertificateAuthority, My, Root, TrustedPeople, TrustedPublisher.
 * `X509StoreLocation` = The Certificate StoreLocation. Can be CurrentUser or LocalMachine.
 * `X509StoreThumbprintOrSubjectName` = This can be the Certifcate Thumbprint, Certifcate SubjectName or null. If it's null, the first match on the hostname Certicate is used.
-* `X509CertificateFilePath` = The full path to the X509Certificate2 `.pfx` file
-* `X509CertificatePassword` = The password for the X509Certificate2 `.pfx` file
 
-Note that:
+#### SSL Certficate from the file system  
-- X509StoreName and X509StoreLocation should be defined
+
-- OR
+``` c#
-- X509CertificateFilePath and X509CertificatePassword should be defined
+var server = WireMockServer.Start(new WireMockServerSettings
+{
+    Urls = new[] { "https://localhost:8443" },
+    CertificateSettings = new WireMockCertificateSettings
+    {
+        X509CertificateFilePath = "example.pfx",
+        X509CertificatePassword = "wiremock"
+    }
+});
+```
+
+Where
+* `X509CertificateFilePath` = The full path to the X509Certificate2 `.pfx` or `.pem` file
+* `X509CertificatePassword` = The password or key for the X509Certificate2 file. This can be null if the certificate does not require a password.
+
+#### SSL Certificate from in-memory X509Certificate2
+
+``` c#
+// GetSSLCertificate is used to represent any way to load a certificate, for example from Azure KeyVault.
+X509Certificate2 sslCertificate = GetSSLCertificate();
+
+var server = WireMockServer.Start(new WireMockServerSettings
+{
+    Urls = new[] { "https://localhost:8443" },
+    CertificateSettings = new WireMockCertificateSettings
+    {
+        X509Certificate = sslCertificate
+    }
+});
+```
+
+#### Additional SSL Certificate Resources
 
 📝 
 See also these links on how to generate a EC or RSA