diff --git a/k8s/apps/pasarguard/deployment.yaml b/k8s/apps/pasarguard/deployment.yaml
index 4418785..291f0a1 100644
--- a/k8s/apps/pasarguard/deployment.yaml
+++ b/k8s/apps/pasarguard/deployment.yaml
@@ -46,6 +46,10 @@ spec:
               value: "8000"
             - name: DOCS
               value: "true"
+            - name: UVICORN_SSL_CERTFILE
+              value: "/app/tls/tls.crt"
+            - name: UVICORN_SSL_KEYFILE
+              value: "/app/tls/tls.key"
             - name: CUSTOM_TEMPLATES_DIRECTORY
               value: "/code/app/templates/"
             - name: SUBSCRIPTION_PAGE_TEMPLATE
@@ -55,9 +59,15 @@ spec:
               containerPort: 8000
               protocol: TCP
           volumeMounts:
+            - name: tls
+              mountPath: /app/tls
+              readOnly: true
             - name: subscription-template
               mountPath: /code/app/templates/subscription
       volumes:
+        - name: tls
+          secret:
+            secretName: pasarguard-tls
         - name: subscription-template
           emptyDir: {}
 ---
diff --git a/k8s/apps/pasarguard/ingress.yaml b/k8s/apps/pasarguard/ingress.yaml
index f75b5d5..a8675c0 100644
--- a/k8s/apps/pasarguard/ingress.yaml
+++ b/k8s/apps/pasarguard/ingress.yaml
@@ -1,3 +1,12 @@
+---
+apiVersion: traefik.io/v1alpha1
+kind: ServersTransport
+metadata:
+  name: pasarguard-transport
+spec:
+  serverName: ps.hexor.cy
+  insecureSkipVerify: true
+---
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -11,5 +20,7 @@ spec:
       services:
         - name: pasarguard
           port: 80
+          scheme: https
+          serversTransport: pasarguard-pasarguard-transport@kubernetescrd
   tls:
     secretName: pasarguard-tls