These options tell pgmanage where the TLS Certificate and Key files reside. If you use these options then you'll only be able to access pgmanage through a secure TLS connection. These options are only necessary if you wish to connect directly to pgmanage using a secure TLS connection. As an alternative, you can set up pgmanage in a reverse proxy configuration. This allows your web server to terminate the secure connection and pass on the request to pgmanage. You can find help to set up this configuration in: https://github.com/pgManage/pgManage/blob/master/INSTALL_NGINX.md.