# Certificates When configuring a custom domain, **Automatic Certificate Management** is enabled by default. You can also opt for **Self-Managed Certificates.** If you disable the active self-managed certificate, the system will automatically revert to Automatic Certificate Management to maintain security. *** ### Automatic Certificate Management By default, SSL/TLS certificates are automatically issued, renewed, and deployed. This guarantees that your domains remain secure without any manual effort. *** ### Self-Managed Certificates Self-managed certificates are suitable for: * **Origin Servers**: Configuring SSL/TLS for secure communication between our service and your DNS provider. * **Custom Certificates**: Providing your own certificates to meet specific requirements. {% hint style="info" %} You are responsible for obtaining and renewing certificates from your chosen Certificate Authority (CA) and configuring your DNS provider accordingly. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.simptel.com/tf-platform/administration/organizations/projects/tenants/domains/certificates.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.