diff --git a/main.go b/main.go
index e52c1af35add5b282f20bf9ac3f881434ccc8e73..34fa4a90432bf83e20b99a1194576f3f8d502246 100644
--- a/main.go
+++ b/main.go
@@ -8,6 +8,7 @@ import (
 	"net/http"
 	"os"
 	"path/filepath"
+	"runtime"
 	"strconv"
 	"strings"
 	"time"
@@ -18,23 +19,33 @@ import (
 )
 
 var (
-	appVersion             string
-	buildTime              string
-	CertBase               string
-	KeyBase                string
-	GroupName              string
-	RedisBaseURL           string
-	VaultBaseURL           string
-	certificateDestination string
-	fullchainDestination   string
-	keyDestination         string
-	caDestination          string
-	Type                   string
+	appVersion                string
+	buildTime                 string
+	CertBase                  string
+	KeyBase                   string
+	GroupName                 string
+	RedisBaseURL              string
+	VaultBaseURL              string
+	certificateDestination    string
+	fullchainDestination      string
+	keyDestination            string
+	caDestination             string
+	Type                      string
+	tmpCertificateDestination string
+	tmpFullchainDestination   string
+	tmpCaDestination          string
+	tmpKeyDestination         string
+	certTmpDir                string
 )
 
 // app clean and exit
 func appExit(status int) {
-	err := os.RemoveAll("/tmp/acme-downloader")
+	if runtime.GOOS == "windows" {
+		certTmpDir = "C:\\tmp\\acme-downloader\\"
+	} else {
+		certTmpDir = "/tmp/acme-downloader"
+	}
+	err := os.RemoveAll(certTmpDir)
 	if err != nil {
 	}
 	os.Exit(status)
@@ -245,9 +256,15 @@ func main() {
 		KeyBase = "/etc/ssl/private"
 		GroupName = "root"
 	} else if OSRelease == "unknown" {
-		CertBase = "/PATH/TO/CERTIFICATE"
-		KeyBase = "/PATH/TO/PRIV/KEY"
-		GroupName = "root"
+		if runtime.GOOS == "windows" {
+			CertBase = "DRIVE:\\PATH\\TO\\CERTIFICATE"
+			KeyBase = "DRIVE:\\PATH\\TO\\KEY"
+			GroupName = "root"
+		} else {
+			CertBase = "/PATH/TO/CERTIFICATE"
+			KeyBase = "/PATH/TO/PRIV/KEY"
+			GroupName = "root"
+		}
 	}
 
 	usage := fmt.Sprintf(`ACME Downloader:
@@ -282,6 +299,18 @@ Options:
 		appExit(0)
 	}
 
+	if runtime.GOOS == "windows" {
+		tmpCertificateDestination = "C:\\tmp\\acme-downloader\\cert\\amce_cert.pem"
+		tmpFullchainDestination = "C:\\tmp\\acme-downloader\\cert\\amce_fullchain.pem"
+		tmpCaDestination = "C:\\tmp\\acme-downloader\\cert\\amce_ca.pem"
+		tmpKeyDestination = "C:\\tmp\\acme-downloader\\key\\amce_key.pem"
+	} else {
+		tmpCertificateDestination = "/tmp/acme-downloader/cert/amce_cert.pem"
+		tmpFullchainDestination = "/tmp/acme-downloader/cert/amce_fullchain.pem"
+		tmpCaDestination = "/tmp/acme-downloader/cert/amce_ca.pem"
+		tmpKeyDestination = "/tmp/acme-downloader/key/amce_key.pem"
+	}
+
 	VaultToken := arguments["--vault-token"].(string)
 	CertName := arguments["--cert-name"].(string)
 	CertNameUndercored := strings.Replace(CertName, ".", "_", -1)
@@ -301,23 +330,25 @@ Options:
 	RedisCAURL := fmt.Sprintf("%v/%v:%v:redis_%v_chain_pem.txt", RedisBaseURL, TeamName, CertName, CertNameUndercored)
 	RedisFullChainURL := fmt.Sprintf("%v/%v:%v:redis_%v_fullchain_pem.txt", RedisBaseURL, TeamName, CertName, CertNameUndercored)
 
-	if arguments["--cert-destination"] == fmt.Sprintf("%v/<cert-name>.crt", CertBase) {
-		certificateDestination = fmt.Sprintf("%v/%v.crt", CertBase, CertName)
+	// fmt.Println(filepath.Join("a", "b", "c"))
+	if arguments["--cert-destination"] == fmt.Sprintf(filepath.Join(CertBase, "<cert-name>.crt")) {
+		// certificateDestination = fmt.Sprintf("%v/%v.crt", CertBase, CertName)
+		certificateDestination = fmt.Sprintf(filepath.Join(CertBase, fmt.Sprintf("%v.crt", CertName)))
 	} else {
 		certificateDestination = arguments["--cert-destination"].(string)
 	}
-	if arguments["--fullchain-destination"] == fmt.Sprintf("%v/<cert-name>_fullchain.crt", CertBase) {
-		fullchainDestination = fmt.Sprintf("%v/%v_fullchain.crt", CertBase, CertName)
+	if arguments["--fullchain-destination"] == fmt.Sprintf(filepath.Join(CertBase, "<cert-name>_fullchain.crt")) {
+		fullchainDestination = fmt.Sprintf(filepath.Join(CertBase, fmt.Sprintf("%v_fullchain.crt", CertName)))
 	} else {
 		fullchainDestination = arguments["--fullchain-destination"].(string)
 	}
-	if arguments["--ca-destination"] == fmt.Sprintf("%v/COMODO_<type>.crt", CertBase) {
-		caDestination = fmt.Sprintf("%v/COMODO_%v.crt", CertBase, Type)
+	if arguments["--ca-destination"] == fmt.Sprintf(filepath.Join(CertBase, "COMODO_<type>.crt")) {
+		caDestination = fmt.Sprintf(filepath.Join(CertBase, fmt.Sprintf("COMODO_%v.crt", Type)))
 	} else {
 		caDestination = arguments["--ca-destination"].(string)
 	}
-	if arguments["--key-destination"] == fmt.Sprintf("%v/<cert-name>.key", KeyBase) {
-		keyDestination = fmt.Sprintf("%v/%v.key", KeyBase, CertName)
+	if arguments["--key-destination"] == fmt.Sprintf(filepath.Join(KeyBase, "<cert-name>.key")) {
+		keyDestination = fmt.Sprintf(filepath.Join(KeyBase, fmt.Sprintf("%v.key", CertName)))
 	} else {
 		keyDestination = arguments["--key-destination"].(string)
 	}
@@ -334,10 +365,6 @@ Options:
 	privKey := GetVaultKey(VaultURL, VaultToken)
 
 	// download and test certificates on a temporary location
-	tmpCertificateDestination := "/tmp/acme-downloader/cert/amce_cert.pem"
-	tmpFullchainDestination := "/tmp/acme-downloader/cert/amce_fullchain.pem"
-	tmpCaDestination := "/tmp/acme-downloader/cert/amce_ca.pem"
-	tmpKeyDestination := "/tmp/acme-downloader/key/amce_key.pem"
 	WriteToFile(certificate, tmpCertificateDestination, GroupName, 0644, 0755)
 	WriteToFile(fullChain, tmpFullchainDestination, GroupName, 0644, 0755)
 	WriteToFile(ca, tmpCaDestination, GroupName, 0644, 0755)