diff --git a/examples/web-server/caddy/Caddyfile b/examples/web-server/caddy/Caddyfile index a897a1feec3c9..67b495d9fc733 100644 --- a/examples/web-server/caddy/Caddyfile +++ b/examples/web-server/caddy/Caddyfile @@ -1,3 +1,9 @@ +{ + on_demand_tls { + ask http://example.com + } +} + coder.example.com, *.coder.example.com { reverse_proxy localhost:3000 tls { diff --git a/examples/web-server/caddy/README.md b/examples/web-server/caddy/README.md index 7e345fe08eb3b..d66a61a3af62c 100644 --- a/examples/web-server/caddy/README.md +++ b/examples/web-server/caddy/README.md @@ -50,6 +50,7 @@ This is an example configuration of how to use Coder with [caddy](https://caddys - `coder.example.com`: Domain name you're using for Coder. - `*.coder.example.com`: Domain name for wildcard apps, commonly used for [dashboard port forwarding](https://coder.com/docs/coder-oss/latest/networking/port-forwarding#dashboard). This is optional and can be removed. - `localhost:3000`: Address Coder is running on. Modify this if you changed `CODER_HTTP_ADDRESS` in the Coder configuration. + - _DO NOT CHANGE the `ask http://example.com` line! Doing so will result in your certs potentially not being generated._ 4. [Configure Coder](https://coder.com/docs/coder-oss/latest/admin/configure) and change the following values: @@ -111,9 +112,9 @@ For production deployments, we recommend configuring Caddy to generate a wildcar ```diff tls { - on_demand - issuer acme { - email email@example.com - } + - issuer acme { + - email email@example.com + - } + dns route53 { + max_retries 10 @@ -137,9 +138,9 @@ For production deployments, we recommend configuring Caddy to generate a wildcar ```diff tls { - on_demand - issuer acme { - email email@example.com - } + - issuer acme { + - email email@example.com + - } + dns cloudflare CLOUDFLARE_API_TOKEN }
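Review bot: In the Caddyfile hunk, `ask http://example.com` does not restrict on-demand TLS in any way. Caddy passes the requested hostname to the `ask` URL as a `domain` query parameter and proceeds with issuance on a 2xx reply. An endpoint that does not inspect that parameter approves whatever subdomain a client names in the handshake under `*.coder.example.com`, so the check cannot bound how many certificates get requested. It also makes every new issuance depend on a plain-HTTP request to a host the operator does not control. Suggest pointing `ask` at a local endpoint that returns 2xx only for `coder.example.com` and the subdomains Coder actually serves. Failing that, add a comment above the block stating that this value is a placeholder that approves everything.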
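Review bot: In the first README hunk, the bullet added just before step 4 tells readers not to change `ask http://example.com` but gives no reason beyond certs "potentially not being generated". It also asks them to keep, unmodified, the one setting whose purpose is to decide which hostnames may obtain certificates. Suggest replacing the all-caps warning with one or two sentences that say what `ask` does, why the example ships with this value, and when an operator should substitute their own approval endpoint.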
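Review bot: In the two README hunks for the Route 53 and Cloudflare wildcard examples, the inner diff removes `on_demand` and the `issuer acme` block from `tls`, but nothing tells the reader to also remove the global `on_demand_tls { ask http://example.com }` block that this patch adds to the Caddyfile. A reader following the production instructions ends up with a leftover global option that refers to a feature they just turned off. Suggest showing the global block as removed lines in both inner diffs, or adding a sentence above them saying it can be deleted. Separately, marking `email email@example.com` as removed leaves the wildcard configuration with no ACME contact address. If that is intended, say so; otherwise show where the email should go in the DNS-challenge setup.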