diff --git a/cert-manager/cert-manager.yaml b/cert-manager/cert-manager.yaml
index d838add..07b6c09 100644
--- a/cert-manager/cert-manager.yaml
+++ b/cert-manager/cert-manager.yaml
@@ -1,19 +1,33 @@
 ---
-apiVersion: onepassword.com/v1
-kind: OnePasswordItem
-metadata:
-  name: ca-cert
-  namespace: cert-manager
-  annotations:
-    operator.1password.io/auto-restart: "true"
-spec:
-  itemPath: "vaults/Lab/items/ca"
----
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
-  name: selfsigned-issuer
+  name: ca-issuer
   namespace: cert-manager
+spec:
+  selfSigned: {}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: selfsigned-ca
+  namespace: cert-manager
+spec:
+  isCA: true
+  commonName: "Shahab Dogar"
+  secretName: root-secret
+  privateKey:
+    algorithm: ECDSA
+    size: 256
+  issuerRef:
+    name: ca-issuer
+    kind: ClusterIssuer
+    group: cert-manager.io
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: cluster-issuer
 spec:
   ca:
-    secretName: ca-cert
+    secretName: root-secret
diff --git a/helm/values/gitea.values.yaml b/helm/values/gitea.values.yaml
index 6b0c5d1..feeb81b 100644
--- a/helm/values/gitea.values.yaml
+++ b/helm/values/gitea.values.yaml
@@ -11,7 +11,7 @@ ingress:
   enabled: true
   className: nginx-internal
   annotations:
-    cert-manager.io/cluster-issuer: selfsigned-issuer
+    cert-manager.io/cluster-issuer: cluster-issuer
   hosts:
     - host: gitea.home
       paths:
diff --git a/helm/values/pihole.values.yaml b/helm/values/pihole.values.yaml
index b2f793d..1d5e0eb 100644
--- a/helm/values/pihole.values.yaml
+++ b/helm/values/pihole.values.yaml
@@ -12,7 +12,7 @@ persistentVolumeClaim:
 ingress:
   enabled: true
   annotations:
-    cert-manager.io/cluster-issuer: selfsigned-issuer
+    cert-manager.io/cluster-issuer: cluster-issuer
   hosts:
     - pihole.home
   tls:
diff --git a/helm/values/prometheus.values.yaml b/helm/values/prometheus.values.yaml
index 31fc73b..ae9cd7a 100644
--- a/helm/values/prometheus.values.yaml
+++ b/helm/values/prometheus.values.yaml
@@ -4,7 +4,7 @@ grafana:
     enabled: true
     ingressClassName: nginx-internal
     annotations:
-      cert-manager.io/cluster-issuer: selfsigned-issuer
+      cert-manager.io/cluster-issuer: cluster-issuer
     hosts:
       - grafana.home
     tls: