diff --git a/deploy/cert-manager-webhook-vultr/templates/issuers.yaml b/deploy/cert-manager-webhook-vultr/templates/issuers.yaml
new file mode 100644
index 00000000..677c12f8
--- /dev/null
+++ b/deploy/cert-manager-webhook-vultr/templates/issuers.yaml
@@ -0,0 +1,39 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: vultr-letsencrypt-staging
+spec:
+ acme:
+ email: {{ .Values.certManager.email }}
+ server: https://acme-staging-v02.api.letsencrypt.org/directory
+ privateKeySecretRef:
+ name: vultr-letsencrypt-staging
+ solvers:
+ - dns01:
+ webhook:
+ groupName: acme.vultr.com
+ solverName: vultr
+ config:
+ apiKeySecretRef:
+ key: apiKey
+ name: {{ .Values.secretName }}
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: vultr-letsencrypt-prod
+spec:
+ acme:
+ email: {{ .Values.certManager.email }}
+ server: https://acme-v02.api.letsencrypt.org/directory
+ privateKeySecretRef:
+ name: vultr-letsencrypt-prod
+ solvers:
+ - dns01:
+ webhook:
+ groupName: acme.vultr.com
+ solverName: vultr
+ config:
+ apiKeySecretRef:
+ key: apiKey
+ name: {{ .Values.secretName }}
\ No newline at end of file
diff --git a/deploy/cert-manager-webhook-vultr/templates/rbac.yaml b/deploy/cert-manager-webhook-vultr/templates/rbac.yaml
index 6a69f1db..61cbc76b 100644
--- a/deploy/cert-manager-webhook-vultr/templates/rbac.yaml
+++ b/deploy/cert-manager-webhook-vultr/templates/rbac.yaml
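Review bot: In issuers.yaml both ClusterIssuers take `email: {{ .Values.certManager.email }}` with no guard, and the default this commit adds to values.yaml is `changeme@email.com`, so an install that leaves values untouched registers staging and production ACME accounts under an address the operator does not control. Failing the render is safer, e.g. `email: {{ required "certManager.email must be set" .Values.certManager.email | quote }}`, and the two `apiKeySecretRef` names should be quoted as `name: {{ .Values.secretName | quote }}`. Because these issuers are cluster-scoped, the API-key secret is presumably resolved in cert-manager's cluster resource namespace rather than the release namespace; a comment above `apiKeySecretRef` stating where the secret must live would keep the secret and the Role that guards it in the same namespace.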
@@ -126,3 +126,28 @@ subjects:
 kind: ServiceAccount
 name: {{ include "cert-manager-webhook-vultr.fullname" . }}
 namespace: {{ .Release.Namespace | quote }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: {{ include "cert-manager-webhook-vultr.fullname" . }}:secret-reader
+ namespace: {{ .Release.Namespace }}
+rules:
+ - apiGroups: [""]
+ resources: ["secrets"]
+ resourceNames: [{{ .Values.secretName }}]
+ verbs: ["get", "watch"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: {{ include "cert-manager-webhook-vultr.fullname" . }}:secret-reader
+ namespace: {{ .Release.Namespace }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: {{ include "cert-manager-webhook-vultr.fullname" . }}:secret-reader
+subjects:
+ - apiGroup: ""
+ kind: ServiceAccount
+ name: {{ .Values.certManager.serviceAccountName }}
\ No newline at end of file
diff --git a/deploy/cert-manager-webhook-vultr/values.yaml b/deploy/cert-manager-webhook-vultr/values.yaml
index 93ac6442..8a6716e5 100644
--- a/deploy/cert-manager-webhook-vultr/values.yaml
+++ b/deploy/cert-manager-webhook-vultr/values.yaml
@@ -7,10 +7,12 @@
 # This group name should be **unique**, hence using your own company's domain
 # here is recommended.
 groupName: acme.vultr.com
+secretName: vultr-credentials
 certManager:
 namespace: cert-manager
 serviceAccountName: cert-manager
+ email: changeme@email.com
 image:
 repository: vultr/cert-manager-webhook-vultr
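Review bot: In rbac.yaml the new RoleBinding's ServiceAccount subject has no `namespace`, so it is most likely resolved in the binding's own namespace (`.Release.Namespace`) and only matches cert-manager's account when the chart is installed there; add `namespace: {{ .Values.certManager.namespace | quote }}`. It is also worth confirming that cert-manager's account is the intended reader: if the webhook pod is what fetches the API key, the subject should be the webhook's own account, as in the binding just above this hunk, so that only one workload can read the credential. In the Role, `resourceNames: [{{ .Values.secretName }}]` should be `[{{ .Values.secretName | quote }}]`, because an empty value renders `resourceNames: []`, which grants `get`/`watch` on every secret in the namespace rather than on one.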