diff --git a/ansible/env.local b/ansible/env.local
--- a/ansible/env.local
+++ b/ansible/env.local
@@ -34,3 +34,14 @@
 APP_PASSPHRASE=simple123
 
 MAIL_DRIVER=log
+
+KOLAB_SSL_CERTIFICATE=/etc/letsencrypt/live/{{ host }}/cert.pem
+KOLAB_SSL_CERTIFICATE_FULLCHAIN=/etc/letsencrypt/live/{{ host }}/fullchain.pem
+KOLAB_SSL_CERTIFICATE_KEY=/etc/letsencrypt/live/{{ host }}/privkey.pem
+
+PROXY_SSL_CERTIFICATE=/etc/letsencrypt/live/{{ host }}/fullchain.pem
+PROXY_SSL_CERTIFICATE_KEY=/etc/letsencrypt/live/{{ host }}/privkey.pem
+
+NGINX_SSL_CERTIFICATE=/etc/letsencrypt/live/{{ host }}/fullchain.pem
+NGINX_SSL_CERTIFICATE_KEY=/etc/letsencrypt/live/{{ host }}/privkey.pem
+
diff --git a/docker-compose.yml b/docker-compose.yml
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -38,9 +38,9 @@
       - DB_KOLAB_PASSWORD=Welcome2KolabSystems
       - DB_RC_USERNAME=roundcube
       - DB_RC_PASSWORD=Welcome2KolabSystems
-      - SSL_CERTIFICATE=/etc/letsencrypt/live/${APP_WEBSITE_DOMAIN:?err}/cert.pem
-      - SSL_CERTIFICATE_FULLCHAIN=/etc/letsencrypt/live/${APP_WEBSITE_DOMAIN:?err}/fullchain.pem
-      - SSL_CERTIFICATE_KEY=/etc/letsencrypt/live/${APP_WEBSITE_DOMAIN:?err}/privkey.pem
+      - SSL_CERTIFICATE=${KOLAB_SSL_CERTIFICATE:?err}
+      - SSL_CERTIFICATE_FULLCHAIN=${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err}
+      - SSL_CERTIFICATE_KEY=${KOLAB_SSL_CERTIFICATE_KEY:?err}
       - IMAP_HOST=127.0.0.1
       - IMAP_PORT=11993
       - MAIL_HOST=127.0.0.1
@@ -88,8 +88,8 @@
       context: ./docker/nginx/
       args:
         APP_WEBSITE_DOMAIN: ${APP_WEBSITE_DOMAIN:?err}
-        SSL_CERTIFICATE: /etc/letsencrypt/live/${APP_WEBSITE_DOMAIN:?err}/fullchain.pem
-        SSL_CERTIFICATE_KEY: /etc/letsencrypt/live/${APP_WEBSITE_DOMAIN:?err}/privkey.pem
+        SSL_CERTIFICATE: ${NGINX_SSL_CERTIFICATE:?err}
+        SSL_CERTIFICATE_KEY: ${NGINX_SSL_CERTIFICATE_KEY:?err}
     depends_on:
       kolab:
         condition: service_healthy
@@ -135,8 +135,8 @@
       context: ./docker/proxy/
       args:
         APP_WEBSITE_DOMAIN: ${APP_WEBSITE_DOMAIN:?err}
-        SSL_CERTIFICATE: /etc/letsencrypt/live/${APP_WEBSITE_DOMAIN:?err}/fullchain.pem
-        SSL_CERTIFICATE_KEY: /etc/letsencrypt/live/${APP_WEBSITE_DOMAIN:?err}/privkey.pem
+        SSL_CERTIFICATE: ${PROXY_SSL_CERTIFICATE:?err}
+        SSL_CERTIFICATE_KEY: ${PROXY_SSL_CERTIFICATE_KEY:?err}
     healthcheck:
       interval: 10s
       test: "kill -0 $$(cat /run/nginx.pid)"
diff --git a/src/.env.example b/src/.env.example
--- a/src/.env.example
+++ b/src/.env.example
@@ -174,3 +174,13 @@
 KB_ACCOUNT_DELETE=
 KB_ACCOUNT_SUSPENDED=
 KB_PAYMENT_SYSTEM=
+
+KOLAB_SSL_CERTIFICATE=/etc/pki/tls/certs/kolab.hosted.com.cert
+KOLAB_SSL_CERTIFICATE_FULLCHAIN=/etc/pki/tls/certs/kolab.hosted.com.chain.pem
+KOLAB_SSL_CERTIFICATE_KEY=/etc/pki/tls/certs/kolab.hosted.com.key
+
+PROXY_SSL_CERTIFICATE=/etc/pki/tls/certs/imap.hosted.com.cert
+PROXY_SSL_CERTIFICATE_KEY=/etc/pki/tls/certs/imap.hosted.com.key
+
+NGINX_SSL_CERTIFICATE=/etc/pki/tls/certs/imap.hosted.com.cert
+NGINX_SSL_CERTIFICATE_KEY=/etc/pki/tls/certs/imap.hosted.com.key