diff --git a/cert-manager/.gitignore b/cert-manager/.gitignore
index 8809eb4..fdf8270 100644
--- a/cert-manager/.gitignore
+++ b/cert-manager/.gitignore
@@ -1,3 +1,4 @@
+acme-dns.json
 cert-exporter.pem
 cert-manager.key
 zerossl.secret
diff --git a/cert-manager/cluster-issuer.yaml b/cert-manager/cluster-issuer.yaml
index e83c680..f294c65 100644
--- a/cert-manager/cluster-issuer.yaml
+++ b/cert-manager/cluster-issuer.yaml
@@ -17,10 +17,8 @@ spec:
     solvers:
     - dns01:
         cnameStrategy: Follow
-        rfc2136:
-          nameserver: 172.30.0.1
-          tsigKeyName: cert-manager
-          tsigAlgorithm: HMACSHA512
-          tsigSecretSecretRef:
-            name: cert-manager-tsig
-            key: cert-manager.key
+        acmeDNS:
+          host: https://auth.acme-dns.io/
+          accountSecretRef:
+            name: acme-dns
+            key: acme-dns.json
diff --git a/cert-manager/kustomization.yaml b/cert-manager/kustomization.yaml
index 3e3c72b..de2099f 100644
--- a/cert-manager/kustomization.yaml
+++ b/cert-manager/kustomization.yaml
@@ -28,3 +28,10 @@ secretGenerator:
   - cert-exporter.pem
   options:
     disableNameSuffixHash: true
+
+- name: acme-dns
+  namespace: cert-manager
+  files:
+  - acme-dns.json
+  options:
+    disableNameSuffixHash: true