diff --git a/infra/vultr-kubernetes/cluster-setup.md b/infra/vultr-kubernetes/cluster-setup.md
index e0c35aa..57da63c 100644
--- a/infra/vultr-kubernetes/cluster-setup.md
+++ b/infra/vultr-kubernetes/cluster-setup.md
@@ -48,5 +48,15 @@ kubectl --kubeconfig config.yaml \
 	-f https://github.com/cert-manager/cert-manager/releases/download/v1.14.2/cert-manager.yaml
 ```
 
+# Create the cert issuer and certificate
+
+
+```sh
+kubectl --kubeconfig config.yaml apply -f k8s/letsencrypt-issuer.yaml
+kubectl --kubeconfig config.yaml apply -f k8s/letsencrypt-issuer.yaml
+```
+
+Because we just have 1 cert for now we are looking for it's status to be `READY`
+
 
 
diff --git a/infra/vultr-kubernetes/k8s/letsencrypt-certificate.yaml b/infra/vultr-kubernetes/k8s/letsencrypt-certificate.yaml
new file mode 100644
index 0000000..c3f6874
--- /dev/null
+++ b/infra/vultr-kubernetes/k8s/letsencrypt-certificate.yaml
@@ -0,0 +1,13 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: sample.temprah-lab.xyz
+  namespace: default
+spec:
+  secretName: sample.temprah-lab.xyz-tls
+  issuerRef:
+    name: letsencrypt-prod
+    kind: ClusterIssuer
+  commonName: sample.temprah-lab.xyz
+  dnsNames:
+    - sample.temprah-lab.xyz
diff --git a/infra/vultr-kubernetes/k8s/letsencrypt-issuer.yaml b/infra/vultr-kubernetes/k8s/letsencrypt-issuer.yaml
index b6e16ca..b8de0ee 100644
--- a/infra/vultr-kubernetes/k8s/letsencrypt-issuer.yaml
+++ b/infra/vultr-kubernetes/k8s/letsencrypt-issuer.yaml
@@ -1,15 +1,15 @@
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
-  name: letencrypt-prod
+  name: letsencrypt-prod
   namespace: default
 spec:
   acme:
     server: https://acme-v02.api.letsencrypt.org/directory
     email: dev@shockrah.xyz
     privateKeySecretRef:
-      name: letencrypt-prod
+      name: letsencrypt-prod
     solvers:
       - http01:
-        ingress:
-          class: traefik
+          ingress:
+            class: traefik