diff --git a/conduwuit-example.toml b/conduwuit-example.toml
index 6537642bc427fd9175ea14bef0d50dfc5e0e96a3..c5ec97b9ea554645e35f14d5937a9a16310cd0ff 100644
--- a/conduwuit-example.toml
+++ b/conduwuit-example.toml
@@ -276,4 +276,15 @@ allow_check_for_updates = true
 #presence_idle_timeout_s = 300
 
 # Config option to control how many seconds before presence updates that you are offline. Defaults to 30 minutes.
-#presence_offline_timeout_s = 1800
\ No newline at end of file
+#presence_offline_timeout_s = 1800
+
+
+
+# Other options not in [global]:
+#
+#
+# Enables running conduwuit with direct TLS support
+# It is strongly recommended you use a reverse proxy instead. This is primarily relevant for test suites like complement that require a private CA setup.
+# [global.tls]
+# certs = "/path/to/my/certificate.crt"
+# key = "/path/to/my/private_key.key"
\ No newline at end of file
diff --git a/src/main.rs b/src/main.rs
index 2026652a18a3f98c41127e99a896c7cee32b470e..8aae73346414f74c0836ce86f3d11bab0c4d7774 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -233,7 +233,7 @@ async fn main() {
 
     info!("Starting server");
     if let Err(e) = run_server().await {
-        error!("Critical error running server: {}", e);
+        error!("Critical error starting server: {}", e);
     };
 
     // if server runs into critical error and shuts down, shut down the tracer provider if jaegar is used.
@@ -359,7 +359,13 @@ async fn run_server() -> io::Result<()> {
     } else {
         match &config.tls {
             Some(tls) => {
+                debug!(
+                    "Using direct TLS. Certificate path {} and certificate private key path {}",
+                    &tls.certs, &tls.key
+                );
+                info!("Note: It is strongly recommended that you use a reverse proxy instead of running conduwuit directly with TLS.");
                 let conf = RustlsConfig::from_pem_file(&tls.certs, &tls.key).await?;
+                debug!("Rustlsconfig: {:?}", conf);
 
                 let mut join_set = JoinSet::new();
                 for addr in &addrs {
@@ -373,7 +379,10 @@ async fn run_server() -> io::Result<()> {
                 #[cfg(feature = "systemd")]
                 let _ = sd_notify::notify(true, &[sd_notify::NotifyState::Ready]);
 
-                info!("Listening on {:?}", addrs);
+                info!(
+                    "Listening on {:?} with TLS certificates {}",
+                    addrs, &tls.certs
+                );
                 join_set.join_next().await;
             }
             None => {