Change the custom domain configuration for HelloID to use Let's Encrypt with auto-renewal instead of requesting a certificate from the administrator. This ensures no certificate is forgotten about.