diff --git a/cert-manager/cert-exporter.yaml b/cert-manager/cert-exporter.yaml
index cbc5782..83cc880 100644
--- a/cert-manager/cert-exporter.yaml
+++ b/cert-manager/cert-exporter.yaml
@@ -19,6 +19,10 @@ data:
       key: certificates/_.pyrocufflink.net.key
       cert: certificates/_.pyrocufflink.net.crt
       bundle: certificates/_.pyrocufflink.net.pem
+    - name: dustinhatchname-cert
+      namespace: default
+      key: acme.sh/dustin.hatch.name/dustin.hatch.name.key
+      cert: acme.sh/dustin.hatch.name/fullchain.cer
   known-hosts-command.ssh_config: |
     KnownHostsCommand /usr/bin/curl -fsL https://files.pyrocufflink.blue/ssh_known_hosts
 
@@ -36,6 +40,7 @@ rules:
   - get
   resourceNames:
   - pyrocufflink-cert
+  - dustinhatchname-cert
 
 ---
 apiVersion: rbac.authorization.k8s.io/v1
diff --git a/cert-manager/certificates.yaml b/cert-manager/certificates.yaml
index 188f239..65eaf05 100644
--- a/cert-manager/certificates.yaml
+++ b/cert-manager/certificates.yaml
@@ -16,3 +16,21 @@ spec:
   privateKey:
     algorithm: ECDSA
     rotationPolicy: Always
+
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: dustinhatchname-cert
+spec:
+  secretName: dustinhatchname-cert
+  dnsNames:
+  - dustin.hatch.name
+  - '*.dustin.hatch.name'
+  issuerRef:
+    group: cert-manager.io
+    kind: ClusterIssuer
+    name: zerossl
+  privateKey:
+    algorithm: ECDSA
+    rotationPolicy: Always