diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml
index 3ad3214d47..746395b6b5 100644
--- a/playbooks/include/proxies-websites.yml
+++ b/playbooks/include/proxies-websites.yml
@@ -408,6 +408,8 @@
     server_aliases:
     - "*.id.fedoraproject.org"
     ips: "{{wildcard_fpo_ips}}"
+    # Must not be sslonly, because example.id.fedoraproject.org must be reachable
+    # via plain http for openid identity support
     cert_name: wildcard-2014.id.fedoraproject.org
     SSLCertificateChainFile: wildcard-2014.id.fedoraproject.org.intermediate.cert
 
@@ -416,6 +418,8 @@
     server_aliases:
     - "*.id.stg.fedoraproject.org"
     ips: "{{wildcard_fpo_ips}}"
+    # Must not be sslonly, because example.id.fedoraproject.org must be reachable
+    # via plain http for openid identity support
     cert_name: "{{wildcard_cert_name}}"
     SSLCertificateChainFile: wildcard-2014.stg.fedoraproject.org.intermediate.cert
     when: env == "staging"