diff --git a/src/docs/markdown/automatic-https.md b/src/docs/markdown/automatic-https.md
index 1685fe5..a9e2cb3 100644
--- a/src/docs/markdown/automatic-https.md
+++ b/src/docs/markdown/automatic-https.md
@@ -79,6 +79,10 @@ Any of the following will prevent automatic HTTPS from being activated, either i
 - Listening exclusively on the HTTP port
 - Manually loading certificates (unless [this config property](/docs/json/apps/http/servers/automatic_https/ignore_loaded_certificates/) is true)
 
+**Special cases:**
+
+- Domains ending in `.ts.net` will not be managed by Caddy. Instead, Caddy will automatically attempt to get these certificates at handshake-time from the locally-running [Tailscale](https://tailscale.com) instance. This requires that [HTTPS is enabled in your Tailscale account](https://tailscale.com/kb/1153/enabling-https/) and the Caddy process must either be running as root, or you must configure `tailscaled` to give your Caddy user [permission to fetch certificates](https://github.com/caddyserver/caddy/pull/4541#issuecomment-1021568348).
+
 
 ## Effects