diff --git a/website/pages/docs/agent/autoauth/methods/cert.mdx b/website/pages/docs/agent/autoauth/methods/cert.mdx index 69f3d58c7..18ec56492 100644 --- a/website/pages/docs/agent/autoauth/methods/cert.mdx +++ b/website/pages/docs/agent/autoauth/methods/cert.mdx @@ -11,10 +11,23 @@ The `cert` method uses the configured TLS certificates from the `vault` stanza o the agent configuration and takes an optional `name` parameter. There is no option to use certificates which differ from those used in the `vault` stanza. -See TLS settings in the [`vault` Stanza](/docs/agent#vault-stanza) +It is strongly advised to provide TLS settings in the configuration stanza +within the auth method to avoid agent cache, if also enabled, from using the +same TLS settings when proxying requests. If TLS settings are not present in the +config stanza, Agent will fall back to using TLS settings from the [`vault` +Stanza](/docs/agent#vault-stanza). ## Configuration - `name` `(string: optional)` - The trusted certificate role which should be used when authenticating with TLS. If a `name` is not specified, the auth method will try to authenticate against [all trusted certificates](/docs/auth/cert#authentication). + +- `ca_cert` `(string: optional)` - Path on the local disk to a single +PEM-encoded CA certificate to verify the Vault server's SSL certificate. + +- `client_cert` `(string: optional)` - Path on the local disk to a single +PEM-encoded client certificate to use for cert auth method authentication. + +- `client_key` `(string: optional)` - Path on the local disk to a single +PEM-encoded private key matching the client certificate from client_cert.
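Review bot: the unchanged context sentence directly above the new paragraph, "There is no option to use certificates which differ from those used in the `vault` stanza", now contradicts the added `ca_cert`, `client_cert` and `client_key` parameters and should be removed or reworded in this same change. The new paragraph also leaves the fallback ambiguous: "If TLS settings are not present in the config stanza" does not say whether fallback to the `vault` stanza happens per field or only when all three are absent, and a reader who sets `client_cert` without `client_key` cannot tell which key will be used. Stating that, and noting that `client_cert` and `client_key` must be set together if that is the case, would close the gap. The security rationale would read more clearly as "to prevent the agent cache, if enabled, from using the same TLS settings when proxying requests", and it would help to say plainly that the concern is proxied requests presenting the auto-auth client certificate. Minor: the trailing client_cert in the `client_key` description should be in backticks, and "SSL certificate" in the `ca_cert` description could be "TLS certificate" to match the rest of the page.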