diff --git a/certmanager/certmanager-prod-2/helm/helm-values.yaml b/certmanager/certmanager-prod-2/helm/helm-values.yaml
new file mode 100644
index 0000000..1fef0af
--- /dev/null
+++ b/certmanager/certmanager-prod-2/helm/helm-values.yaml
@@ -0,0 +1,5 @@
+crds: 
+  enabled: true
+extraArgs:
+  - --dns01-recursive-nameservers-only
+  - --dns01-recursive-nameservers=1.1.1.1:53,1.0.0.1:53
diff --git a/certmanager/certmanager-prod-2/kubernetes/clusterissuer.yaml b/certmanager/certmanager-prod-2/kubernetes/clusterissuer.yaml
new file mode 100644
index 0000000..2b1dea4
--- /dev/null
+++ b/certmanager/certmanager-prod-2/kubernetes/clusterissuer.yaml
@@ -0,0 +1,17 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: cloudflare-clusterissuer
+spec:
+  acme:
+    email: info@clcreative.de
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: cloudflare-clusterissuer-account-key
+    solvers:
+      - dns01:
+          cloudflare:
+            email: info@clcreative.de
+            apiTokenSecretRef:
+              name: cloudflare-api-token-secret
+              key: api-token
diff --git a/certmanager/certmanager-prod-2/kubernetes/secret.yaml b/certmanager/certmanager-prod-2/kubernetes/secret.yaml
new file mode 100644
index 0000000..7b618c9
--- /dev/null
+++ b/certmanager/certmanager-prod-2/kubernetes/secret.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: cloudflare-api-token-secret
+  namespace: cert-manager
+type: Opaque
+stringData:
+  api-token: # Cloudflare API Token