diff --git a/cinder/Chart.yaml b/cinder/Chart.yaml
index e7bae19905..e7f3469530 100644
--- a/cinder/Chart.yaml
+++ b/cinder/Chart.yaml
@@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Cinder
 name: cinder
-version: 0.1.6
+version: 0.1.7
 home: https://docs.openstack.org/cinder/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Cinder/OpenStack_Project_Cinder_vertical.png
 sources:
diff --git a/cinder/values_overrides/tls.yaml b/cinder/values_overrides/tls.yaml
index 3849cde9ca..9b97c7c3b3 100644
--- a/cinder/values_overrides/tls.yaml
+++ b/cinder/values_overrides/tls.yaml
@@ -97,6 +97,7 @@ endpoints:
           secretName: cinder-tls-api
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
       internal: https
@@ -110,6 +111,7 @@ endpoints:
           secretName: cinder-tls-api
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
       internal: https
@@ -123,6 +125,7 @@ endpoints:
           secretName: cinder-tls-api
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
       internal: https
diff --git a/glance/Chart.yaml b/glance/Chart.yaml
index c0fb05705f..7ae9544a65 100644
--- a/glance/Chart.yaml
+++ b/glance/Chart.yaml
@@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Glance
 name: glance
-version: 0.1.1
+version: 0.1.2
 home: https://docs.openstack.org/glance/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Glance/OpenStack_Project_Glance_vertical.png
 sources:
diff --git a/glance/values_overrides/tls.yaml b/glance/values_overrides/tls.yaml
index 20d8ff4b0b..b96d1e7ee0 100644
--- a/glance/values_overrides/tls.yaml
+++ b/glance/values_overrides/tls.yaml
@@ -92,6 +92,7 @@ endpoints:
           secretName: glance-tls-api
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
       public: https
@@ -105,6 +106,7 @@ endpoints:
           secretName: glance-tls-reg
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
       public: https
diff --git a/heat/Chart.yaml b/heat/Chart.yaml
index 3abc2a7b2b..095ae73ad0 100644
--- a/heat/Chart.yaml
+++ b/heat/Chart.yaml
@@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Heat
 name: heat
-version: 0.1.2
+version: 0.1.3
 home: https://docs.openstack.org/heat/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Heat/OpenStack_Project_Heat_vertical.png
 sources:
diff --git a/heat/values_overrides/tls.yaml b/heat/values_overrides/tls.yaml
index f7f36e4384..ddeb59dfaf 100644
--- a/heat/values_overrides/tls.yaml
+++ b/heat/values_overrides/tls.yaml
@@ -144,6 +144,7 @@ endpoints:
           secretName: heat-tls-api
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
     port:
@@ -156,6 +157,7 @@ endpoints:
           secretName: heat-tls-cfn
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
     port:
@@ -169,7 +171,7 @@ endpoints:
           secretName: heat-tls-cloudwatch
           issuerRef:
             name: ca-issuer
-            kind: Issuer
+            kind: ClusterIssuer
   ingress:
     port:
       ingress:
diff --git a/horizon/Chart.yaml b/horizon/Chart.yaml
index 3b12318bab..154dd4e08d 100644
--- a/horizon/Chart.yaml
+++ b/horizon/Chart.yaml
@@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Horizon
 name: horizon
-version: 0.1.3
+version: 0.1.4
 home: https://docs.openstack.org/horizon/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Horizon/OpenStack_Project_Horizon_vertical.png
 sources:
diff --git a/horizon/values_overrides/tls.yaml b/horizon/values_overrides/tls.yaml
index 82e25d0259..562962d20a 100644
--- a/horizon/values_overrides/tls.yaml
+++ b/horizon/values_overrides/tls.yaml
@@ -93,6 +93,7 @@ endpoints:
           secretName: horizon-tls-web
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
       public: https
diff --git a/keystone/Chart.yaml b/keystone/Chart.yaml
index 616da07f8c..f55f1e05f7 100644
--- a/keystone/Chart.yaml
+++ b/keystone/Chart.yaml
@@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Keystone
 name: keystone
-version: 0.1.3
+version: 0.1.4
 home: https://docs.openstack.org/keystone/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Keystone/OpenStack_Project_Keystone_vertical.png
 sources:
diff --git a/keystone/values_overrides/tls.yaml b/keystone/values_overrides/tls.yaml
index 5aaa7cf3dc..7b19d4fad9 100644
--- a/keystone/values_overrides/tls.yaml
+++ b/keystone/values_overrides/tls.yaml
@@ -68,7 +68,7 @@ endpoints:
           secretName: keystone-tls-api
           issuerRef:
             name: ca-issuer
-            kind: Issuer
+            kind: ClusterIssuer
     scheme:
       default: https
       public: https
diff --git a/neutron/Chart.yaml b/neutron/Chart.yaml
index e4d452d1b7..f43d5f3a24 100644
--- a/neutron/Chart.yaml
+++ b/neutron/Chart.yaml
@@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Neutron
 name: neutron
-version: 0.1.6
+version: 0.1.7
 home: https://docs.openstack.org/neutron/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Neutron/OpenStack_Project_Neutron_vertical.png
 sources:
diff --git a/neutron/values_overrides/tls.yaml b/neutron/values_overrides/tls.yaml
index e8aa3fe762..b55a16092c 100644
--- a/neutron/values_overrides/tls.yaml
+++ b/neutron/values_overrides/tls.yaml
@@ -117,6 +117,7 @@ endpoints:
           secretName: neutron-tls-server
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
     port:
diff --git a/nova/Chart.yaml b/nova/Chart.yaml
index 7e22ff87b5..bc04b638dd 100644
--- a/nova/Chart.yaml
+++ b/nova/Chart.yaml
@@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Nova
 name: nova
-version: 0.1.7
+version: 0.1.8
 home: https://docs.openstack.org/nova/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Nova/OpenStack_Project_Nova_vertical.png
 sources:
diff --git a/nova/values_overrides/tls.yaml b/nova/values_overrides/tls.yaml
index 7df4dd82e9..59a8e7a63c 100644
--- a/nova/values_overrides/tls.yaml
+++ b/nova/values_overrides/tls.yaml
@@ -171,6 +171,7 @@ endpoints:
           secretName: nova-tls-api
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: 'https'
     port:
@@ -183,6 +184,7 @@ endpoints:
           secretName: metadata-tls-metadata
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
     port:
@@ -195,6 +197,7 @@ endpoints:
           secretName: nova-novncproxy-tls-proxy
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
     port:
@@ -207,6 +210,7 @@ endpoints:
           secretName: nova-tls-spiceproxy
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
   placement:
@@ -216,6 +220,7 @@ endpoints:
           secretName: placement-tls-api
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
     port:
diff --git a/placement/Chart.yaml b/placement/Chart.yaml
index df697b46bb..0c433f7ee6 100644
--- a/placement/Chart.yaml
+++ b/placement/Chart.yaml
@@ -16,7 +16,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Placement
 name: placement
-version: 0.1.4
+version: 0.1.5
 home: https://docs.openstack.org/placement/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Placement/OpenStack_Project_Placement_vertical.png
 sources:
diff --git a/placement/values_overrides/tls.yaml b/placement/values_overrides/tls.yaml
index b2906032e4..adfd3594c0 100644
--- a/placement/values_overrides/tls.yaml
+++ b/placement/values_overrides/tls.yaml
@@ -68,6 +68,7 @@ endpoints:
           secretName: placement-tls-api
           issuerRef:
             name: ca-issuer
+            kind: ClusterIssuer
     scheme:
       default: https
     port:
diff --git a/tools/scripts/tls/cert-manager.sh b/tools/scripts/tls/cert-manager.sh
index a3ab4a1cb4..6590c172b7 100755
--- a/tools/scripts/tls/cert-manager.sh
+++ b/tools/scripts/tls/cert-manager.sh
@@ -2,7 +2,7 @@
 
 set -eux
 
-: ${CERT_MANAGER_VERSION:="v0.15.0"}
+: ${CERT_MANAGER_VERSION:="v1.1.0"}
 
 cert_path="/etc/openstack-helm"
 ca_cert_root="$cert_path/certs/ca"
@@ -126,14 +126,12 @@ helm repo update
 helm install --name cert-manager --namespace cert-manager \
   --version ${CERT_MANAGER_VERSION} jetstack/cert-manager \
   --set installCRDs=true \
-  --set featureGates=ExperimentalCertificateControllers=true \
   --set extraArgs[0]="--enable-certificate-owner-ref=true"
 
 # helm 3 command
 # helm install cert-manager jetstack/cert-manager --namespace cert-manager \
 #   --version ${CERT_MANAGER_VERSION} \
 #   --set installCRDs=true \
-#.  --set featureGates=ExperimentalCertificateControllers=true \
 #   --set extraArgs[0]="--enable-certificate-owner-ref=true"
 
 helm repo remove jetstack
@@ -147,16 +145,15 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: ca-key-pair
-  namespace: openstack
+  namespace: cert-manager
 data:
   tls.crt: $crt
   tls.key: $key
 ---
-apiVersion: cert-manager.io/v1alpha3
-kind: Issuer
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
 metadata:
   name: ca-issuer
-  namespace: openstack
 spec:
   ca:
     secretName: ca-key-pair