diff --git a/build/cover.sh b/build/cover.sh
index 17b5be3b1d..56b2476cb1 100755
--- a/build/cover.sh
+++ b/build/cover.sh
@@ -27,6 +27,9 @@ if [ -z "${PKG}" ]; then
   exit 1
 fi
 
+export CGO_ENABLED=1
+export GODEBUG=netdns=go+2
+
 rm -rf coverage.txt
 for d in $(go list "${PKG}/..." | grep -v vendor | grep -v '/test/e2e' | grep -v images); do
   t=$(date +%s);
diff --git a/build/test.sh b/build/test.sh
index 59a540461f..480d166719 100755
--- a/build/test.sh
+++ b/build/test.sh
@@ -30,6 +30,7 @@ fi
 
 # enabled to use host dns resolver
 export CGO_ENABLED=1
+export GODEBUG=netdns=go+2
 
-go test -v -race -tags "cgo" \
+go test -v -race \
   $(go list "${PKG}/..." | grep -v vendor | grep -v '/test/e2e' | grep -v images | grep -v "docs/examples")
diff --git a/docs/enhancements/20190724-only-dynamic-ssl.md b/docs/enhancements/20190724-only-dynamic-ssl.md
new file mode 100644
index 0000000000..790f93501b
--- /dev/null
+++ b/docs/enhancements/20190724-only-dynamic-ssl.md
@@ -0,0 +1,63 @@
+---
+title: Remove static SSL configuration mode
+authors:
+  - "@aledbf"
+reviewers:
+  - "@ElvinEfendi"
+approvers:
+  - "@ElvinEfendi"
+editor: TBD
+creation-date: 2019-07-24
+last-updated: 2019-07-24
+status: implementable
+see-also:
+replaces:
+superseded-by:
+---
+
+#  Remove static SSL configuration mode
+
+## Table of Contents
+
+<!-- toc -->
+- [Summary](#summary)
+- [Motivation](#motivation)
+  - [Goals](#goals)
+  - [Non-Goals](#non-goals)
+- [Proposal](#proposal)
+  - [Implementation Details/Notes/Constraints](#implementation-detailsnotesconstraints)
+- [Drawbacks](#drawbacks)
+- [Alternatives](#alternatives)
+<!-- /toc -->
+
+## Summary
+
+Since release [0.19.0](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.19.0) is possible to configure SSL certificates without the need of NGINX reloads (thanks to lua) and after release [0.24.0](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.19.0) the default enabled mode is dynamic.
+
+## Motivation
+
+The static configuration implies reloads, something that affects the majority of the users.
+
+### Goals
+
+- Deprecation of the flag `--enable-dynamic-certificates`.
+- Cleanup of the codebase.
+
+### Non-Goals
+
+- Features related to certificate authentication are not changed in any way.
+
+## Proposal
+
+- Remove static SSL configuration
+
+### Implementation Details/Notes/Constraints
+
+- Deprecate the flag Move the directives `ssl_certificate` and `ssl_certificate_key` from each server block to the `http` section. These settings are required to avoid NGINX errors in the logs.
+- Remove any action of the flag `--enable-dynamic-certificates`
+
+## Drawbacks
+
+## Alternatives
+
+Keep both implementations