diff --git a/.gitignore b/.gitignore index 54377e9..0939fbd 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ cert.pem key.pem lightwalletd .sw? +server.log diff --git a/README.md b/README.md index 09ca031..f6d6e2e 100644 --- a/README.md +++ b/README.md @@ -51,7 +51,7 @@ Then start `hushd` in your command window. You might need to run with `-reindex` Run the build script. ``` -make build +make ``` #### 3. Get a TLS certificate and run the Lightwalletd frontend @@ -86,17 +86,20 @@ server { } ``` -Then run the lightwalletd frontend with the following (Note: we use the "-no-tls" option as we are using NGINX as a reverse proxy and letting it handle the TLS authentication for us instead): +Then run the lightwalletd frontend with the following: ``` -./lightwalletd -bind-addr localhost:9067 -conf-file ~/.hush/HUSH3/HUSH3.conf -no-tls +./start.sh ``` +Note: we use the "--no-tls" option as we are using NGINX as a reverse proxy and letting it handle the TLS authentication for us instead. If you want to do TLS directly with lightwalletd with no reverse proxy, see the next section. + + ##### Option B: "Let's Encrypt" certificate just using lightwalletd without NGINX The other option is to configure lightwalletd to handle its own TLS authentication. Once you have a certificate that you want to use (from a certificate authority), pass the certificate to the frontend as follows: ``` -./lightwalletd -bind-addr 127.0.0.1:9067 -conf-file ~/.hush/HUSH3/HUSH3.conf -tls-cert /etc/letsencrypt/live/YOURWEBSITE/fullchain.pem -tls-key /etc/letsencrypt/live/YOURWEBSITE/privkey.pem +./start-tls.sh -tls-cert /etc/letsencrypt/live/YOURWEBSITE/fullchain.pem -tls-key /etc/letsencrypt/live/YOURWEBSITE/privkey.pem ``` #### 4. Point the `silentdragonlite-cli` to this server 
@@ -114,18 +117,22 @@ cargo build --release ## Lightwalletd Command-line Options -These are the current different command line options for lightwalletd: +These are some of the most used command line options for lightwalletd: + -| CLI option | Default | What it does | +| CLI option | Default | What it does | |------------|:--------------:|------------------------------:| -| -bind-addr | 127.0.0.1:9067 | address and port to listen on | -| -tls-cert | blank | the path to a TLS certificate | -| -tls-key | blank | the path to a TLS key file | -| -no-tls | false | Disable TLS, serve un-encrypted traffic | -| -log-file | blank | log file to write to | -| -log-level | logrus.InfoLevel | log level 1 thru 7 (something from logrus)| -| -conf-file | blank | conf file to pull RPC creds from | -| -cache-size| 40000 | number of blocks to hold in the cache | +| --grpc-bind-addr | 127.0.0.1:9067 | address and port to listen on | +| --tls-cert | blank | the path to a TLS certificate | +| --tls-key | blank | the path to a TLS key file | +| --no-tls | false | Disable TLS, serve un-encrypted traffic | +| --log-file | blank | log file to write to | +| --log-level | logrus.InfoLevel | log level 1 thru 7 (something from logrus)| +| --hush-conf-path | blank | conf file to pull RPC creds from | +| --cache-size| 40000 | number of blocks to hold in the cache | + + +Run `./lightwalletd --help` to see all options. ## Developing diff --git a/cmd/root.go b/cmd/root.go index 9b51e1f..17fb833 100644 --- a/cmd/root.go +++ b/cmd/root.go 
@@ -335,8 +335,8 @@ func init() { rootCmd.Flags().Int("sync-from-height", -1, "re-fetch blocks from hushd start at this height") rootCmd.Flags().String("data-dir", "/var/lib/lightwalletd", "data directory (such as db)") rootCmd.Flags().Bool("ping-very-insecure", false, "allow Ping GRPC for testing") - rootCmd.Flags().Bool("darkside-very-insecure", false, "run with GRPC-controllable mock hushd for integration testing (shuts down after 30 minutes)") - rootCmd.Flags().Int("darkside-timeout", 30, "override 30 minute default darkside timeout") + // rootCmd.Flags().Bool("darkside-very-insecure", false, "run with GRPC-controllable mock hushd for integration testing (shuts down after 30 minutes)") + // rootCmd.Flags().Int("darkside-timeout", 30, "override 30 minute default darkside timeout") viper.BindPFlag("grpc-bind-addr", rootCmd.Flags().Lookup("grpc-bind-addr")) viper.SetDefault("grpc-bind-addr", "127.0.0.1:9067") @@ -370,10 +370,10 @@ func init() { viper.SetDefault("data-dir", "/var/lib/lightwalletd") viper.BindPFlag("ping-very-insecure", rootCmd.Flags().Lookup("ping-very-insecure")) viper.SetDefault("ping-very-insecure", false) - viper.BindPFlag("darkside-very-insecure", rootCmd.Flags().Lookup("darkside-very-insecure")) - viper.SetDefault("darkside-very-insecure", false) - viper.BindPFlag("darkside-timeout", rootCmd.Flags().Lookup("darkside-timeout")) - viper.SetDefault("darkside-timeout", 30) + // viper.BindPFlag("darkside-very-insecure", rootCmd.Flags().Lookup("darkside-very-insecure")) + // viper.SetDefault("darkside-very-insecure", false) + // viper.BindPFlag("darkside-timeout", rootCmd.Flags().Lookup("darkside-timeout")) + // viper.SetDefault("darkside-timeout", 30) logger.SetFormatter(&logrus.TextFormatter{ //DisableColors: true, diff --git a/start-tls.sh b/start-tls.sh new file mode 100755 index 0000000..f7936da --- /dev/null +++ b/start-tls.sh 
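Review bot: The darkside flag registrations and their viper bindings in `init()` are commented out rather than deleted, here and in the `@@ -370,10 +370,10 @@` hunk, which leaves dead code and gives no reason for the change. Removing the flags only removes the command-line surface. If code outside these hunks still reads the `darkside-very-insecure` key from viper, it now gets the zero value with no default set, and whether a config file or environment variable can still switch the mock-hushd mode on depends on how viper is configured elsewhere, so that consumer should be removed or gated in the same change. I would delete the six lines and leave one comment in their place, for example `// darkside (GRPC-controllable mock hushd) mode is intentionally not exposed in this build`. `init()` starts and ends outside both hunks, so the rest of the flag setup was not reviewed.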
@@ -0,0 +1,8 @@
+#!/bin/bash
+# Copyright 2020-2022 The Hush Developers
+# Released under GPLv3
+
+# Description: This script would be used with a NGINX reverse proxy
+
+./lightwalletd --grpc-bind-addr localhost:9067 --hush-conf-path ~/.hush/HUSH3/HUSH3.conf $@
+
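Review bot: `$@` on the last line is unquoted, so an argument containing spaces or glob characters (a certificate or key path, for instance) is re-split and expanded by the shell before lightwalletd parses it; the line should end in `"$@"`, i.e. `./lightwalletd --grpc-bind-addr localhost:9067 --hush-conf-path ~/.hush/HUSH3/HUSH3.conf "$@"`. The description comment says the script is for use with an NGINX reverse proxy, but this is the TLS variant that omits `--no-tls`, so an operator reading it could pick the wrong script; something like `# Description: runs lightwalletd terminating TLS itself; pass --tls-cert and --tls-key` would match what it does. The README's Option B example in this commit calls the script with single-dash `-tls-cert`/`-tls-key` while the options table now lists `--tls-cert`/`--tls-key`, so the two should be made to agree.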