diff --git a/playbooks/groups/pagure.yml b/playbooks/groups/pagure.yml
index 632a7df1db..7aea38f55e 100644
--- a/playbooks/groups/pagure.yml
+++ b/playbooks/groups/pagure.yml
@@ -41,6 +41,33 @@
    - "{{ vars_path }}/{{ ansible_distribution }}.yml"
 
   roles:
+
+  #
+  # use letsencrypt to get ssl certs
+  #
+  - role: letsencrypt
+    site_name: "stg.pagure.io"
+    server_aliases:
+    - stg.pagure.io
+    - docs.stg.pagure.org
+    - releases.stg.pagure.org
+    - stg.pagure.org
+    tags:
+    - pagure.io
+    when: env == "staging"
+
+  - role: letsencrypt
+    site_name: "pagure.io"
+    server_aliases:
+    - docs.pagure.org
+    - lists.pagure.io
+    - pagure.org
+    - releases.pagure.org
+    - www.pagure.io
+    tags:
+    - pagure.io
+    when: env != "staging"
+
   - pagure
 
   handlers:
diff --git a/roles/pagure/tasks/main.yml b/roles/pagure/tasks/main.yml
index 4a80b39c8f..2f58261968 100644
--- a/roles/pagure/tasks/main.yml
+++ b/roles/pagure/tasks/main.yml
@@ -139,22 +139,6 @@
   - pagure
   - mirror
 
-# We need the SSL certs early on
-
-- name: Install the SSL cert so that we can use https
-  copy: >
-      src={{ private}}/files/httpd/{{ item }} dest=/etc/pki/tls/certs/{{ item }}
-      owner=root group=root mode=0600
-  notify: restart stunnel
-  with_items:
-  - pagure.io.cert
-  - pagure.io.key
-  - pagure.io.intermediate.cert
-  tags:
-  - config
-  - pagure
-  - httpd/certificate
-
 # Set-up postfix and the milter for postfix
 
 - name: Add the /etc/aliases file