diff --git a/charts/akash-hostname-operator/Chart.yaml b/charts/akash-hostname-operator/Chart.yaml
index cac3ea29..19a9ca6c 100644
--- a/charts/akash-hostname-operator/Chart.yaml
+++ b/charts/akash-hostname-operator/Chart.yaml
@@ -17,7 +17,7 @@ type: application
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
 
 # Major version bit highlights the mainnet release (e.g. mainnet4 = 4.x.x, mainnet5 = 5.x.x, ...)
-version: 4.1.0
+version: 4.2.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
diff --git a/charts/akash-hostname-operator/templates/cluster-issuer.yaml b/charts/akash-hostname-operator/templates/cluster-issuer.yaml
new file mode 100644
index 00000000..2956f26d
--- /dev/null
+++ b/charts/akash-hostname-operator/templates/cluster-issuer.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.ssl.enabled .Values.ssl.clusterIssuer.enabled -}}
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: {{ .Values.ssl.clusterIssuer.name }}
+spec:
+  acme:
+    server: {{ .Values.ssl.clusterIssuer.server }}
+    preferredChain: {{ .Values.ssl.clusterIssuer.preferredChain }}
+    email: {{ .Values.ssl.clusterIssuer.email }}
+    privateKeySecretRef:
+      name: {{ .Values.ssl.clusterIssuer.name }}
+    solvers:
+      - http01:
+          ingress:
+            class: nginx
+{{- end }}
\ No newline at end of file
diff --git a/charts/akash-hostname-operator/templates/deployment.yaml b/charts/akash-hostname-operator/templates/deployment.yaml
index 6668d103..db23cfe8 100644
--- a/charts/akash-hostname-operator/templates/deployment.yaml
+++ b/charts/akash-hostname-operator/templates/deployment.yaml
@@ -40,6 +40,17 @@ spec:
           env:
             - name: AKASH_K8S_MANIFEST_NS
               value: lease
+            {{- if .Values.ssl.clusterIssuer.enabled }}
+            - name: AKASH_PROVIDER_ISSUER_TYPE
+              value: cluster-issuer
+            - name: AKASH_PROVIDER_ISSUER_NAME
+              value: {{ .Values.ssl.clusterIssuer.name }}
+            {{- else if .Values.ssl.issuer.enabled }}
+            - name: AKASH_PROVIDER_ISSUER_TYPE
+              value: issuer
+            - name: AKASH_PROVIDER_ISSUER_NAME
+              value: {{ .Values.ssl.issuer.name }}
+            {{- end }}
           volumeMounts:
             - name: boot
               mountPath: /boot
diff --git a/charts/akash-hostname-operator/values.yaml b/charts/akash-hostname-operator/values.yaml
index ccbc7c73..b1bf631b 100644
--- a/charts/akash-hostname-operator/values.yaml
+++ b/charts/akash-hostname-operator/values.yaml
@@ -70,3 +70,15 @@ nodeSelector: {}
 tolerations: []
 
 affinity: {}
+
+ssl:
+  enabled: false
+  clusterIssuer:
+    enabled: false
+    email: example@example.com
+    server: https://acme-v02.api.letsencrypt.org/directory
+    preferredChain: "ISRG Root X1"
+    name: letsencrypt
+  issuer:
+    enabled: false
+    name: letsencrypt