diff --git a/README.rst b/README.rst
index 77f861e788..53429394a5 100644
--- a/README.rst
+++ b/README.rst
@@ -56,6 +56,8 @@ It is recommended to put a reverse proxy such as
 `relayd <https://man.openbsd.org/relayd.8>`_ in front of Synapse. One advantage of
 doing so is that it means that you can expose the default https port (443) to
 Matrix clients without needing to run Synapse with root privileges.
+Another important advantage is that such a reverse proxy is better suited for
+handling TLS, in particular for managing the needed credentials (certificate etc.).
 For information on configuring one, see `the reverse proxy docs
 <https://element-hq.github.io/synapse/latest/reverse_proxy.html>`_.
 
diff --git a/docs/reverse_proxy.md b/docs/reverse_proxy.md
index 45de2b1f65..175d1cfcb4 100644
--- a/docs/reverse_proxy.md
+++ b/docs/reverse_proxy.md
@@ -7,8 +7,9 @@ It is recommended to put a reverse proxy such as
 [HAProxy](https://www.haproxy.org/) or
 [relayd](https://man.openbsd.org/relayd.8) in front of Synapse. One advantage
 of doing so is that it means that you can expose the default https port
-(443) to Matrix clients without needing to run Synapse with root
-privileges.
+(443) to Matrix clients without needing to run Synapse with root privileges.
+Another important advantage is that such a reverse proxy is better suited for
+handling TLS, in particular for managing the needed credentials (certificate etc.).
 
 You should configure your reverse proxy to forward requests to `/_matrix` or
 `/_synapse/client` to Synapse, and have it set the `X-Forwarded-For` and