diff --git a/apps/templates/cert-manager.yaml b/apps/templates/cert-manager.yaml
index 8519e19..6214051 100644
--- a/apps/templates/cert-manager.yaml
+++ b/apps/templates/cert-manager.yaml
@@ -18,6 +18,9 @@ spec:
         prometheus:
           enabled: false
 
+        extraArgs:
+          - --enable-certificate-owner-ref=true
+
     repoURL: https://charts.jetstack.io
     targetRevision: 1.10.1
 
@@ -39,6 +42,8 @@ spec:
       name: cloudflare-issuer-account-key
     solvers:
     - dns01:
+        ingress:
+            class: traefik
         cloudflare:
           apiTokenSecretRef:
             name: cloudflare-api-token-secret
@@ -47,7 +52,6 @@ spec:
         dnsNames:
         - 'roxedus.com'
         - '*.roxedus.com'
-    - http01:
 ---
 apiVersion: cert-manager.io/v1
 kind: Certificate
@@ -57,11 +61,32 @@ metadata:
 spec:
   # Secret names are always required.
   secretName: example-com-tls
-
+  commonName: test.roxedus.com
   dnsNames:
     - test.roxedus.com
   issuerRef:
     name: roxedus.com-cloudflare
     # We can reference ClusterIssuers by changing the kind here.
     # The default value is Issuer (i.e. a locally namespaced Issuer)
-    kind: ClusterIssuer
\ No newline at end of file
+    kind: ClusterIssuer
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  annotations:
+    certmanager.k8s.io/acme-challenge-type: dns01
+    certmanager.k8s.io/cluster-issuer: test-roxedus-com
+  name: ingress-rule
+  namespace: default
+spec:
+  rules:
+  - host: hostname
+    http:
+      paths:
+      - backend:
+          serviceName: backend-service
+          servicePort: 8080
+  tls:
+  - hosts:
+    - test.roxedus.com
+    secretName: test-roxedus-com
\ No newline at end of file