diff --git a/profiles/apparmor.d/abstractions/ssl_certs b/profiles/apparmor.d/abstractions/ssl_certs
index 50da52f7adb68b759fb1e2a541e912a626bbc131..7234f061c945bf21ffef655ba19d44b8c3384b9c 100644
--- a/profiles/apparmor.d/abstractions/ssl_certs
+++ b/profiles/apparmor.d/abstractions/ssl_certs
@@ -32,3 +32,8 @@
   /etc/dehydrated/certs/*/cert-*.pem r,
   /etc/dehydrated/certs/*/chain-*.pem r,
   /etc/dehydrated/certs/*/fullchain-*.pem r,
+
+  # certbot
+  /etc/letsencrypt/archive/*/cert*.pem r,
+  /etc/letsencrypt/archive/*/chain*.pem r,
+  /etc/letsencrypt/archive/*/fullchain*.pem r,
diff --git a/profiles/apparmor.d/abstractions/ssl_keys b/profiles/apparmor.d/abstractions/ssl_keys
index d629871ec3bf601f4d40f7582d2affefd90e0cf3..f53d54e0de53436c10672aa5123f3e5c31033298 100644
--- a/profiles/apparmor.d/abstractions/ssl_keys
+++ b/profiles/apparmor.d/abstractions/ssl_keys
@@ -23,3 +23,6 @@
 
   # dehydrated
   /etc/dehydrated/certs/*/privkey-*.pem r,
+
+  # certbot / letsencrypt
+  /etc/letsencrypt/archive/*/privkey*.pem r,