diff --git a/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate b/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate
index afb324e..45f474a 100644
--- a/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate
+++ b/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate
@@ -23,7 +23,8 @@ fi
 
 if [ "$already_exists" != true ]
 then
+    mkdir -p "$cert_path"
     openssl req -x509 -newkey rsa:4096 -nodes -days 3650 -subj "/CN=$domain" -keyout "$cert_path/privkey.pem" -out "$cert_path/fullchain.pem"
     chmod 0600 "$cert_path/privkey.pem"
-    cp "$pubkey" "$cert_path/chain.pem"
+    cp "$cert_path/fullchain.pem" "$cert_path/chain.pem"
 fi
diff --git a/bundles/letsencrypt/items.py b/bundles/letsencrypt/items.py
index 4f5a64e..d55f12f 100644
--- a/bundles/letsencrypt/items.py
+++ b/bundles/letsencrypt/items.py
@@ -24,6 +24,9 @@ for domain, _ in node.metadata.get('letsencrypt/domains').items():
         'needed_by': {
             'svc_systemd:nginx',
         },
+        'triggers': {
+            'action:letsencrypt_update_certificates',
+        },
     }
 
 files = {