diff --git a/data/common/common.yaml b/data/common/common.yaml
--- a/data/common/common.yaml
+++ b/data/common/common.yaml
@@ -947,9 +947,9 @@
   azure-billing.internal.admin.swh.network:
     domains:
       - azure-billing.internal.admin.swh.network
-  maven-exporter0.internal.staging.swh.network:
+  maven-exporter.internal.staging.swh.network:
     domains:
-      - maven-exporter.internal.admin.swh.network
+      - maven-exporter.internal.staging.swh.network
 
 bind::update_key: local-update
 
@@ -1109,8 +1109,8 @@
     data: money.internal.admin.swh.network.
   maven-index-exporter/CNAME:
     type: CNAME
-    record: maven-exporter0.internal.staging.swh.network
-    data: maven-exporter.internal.staging.swh.network.
+    record: maven-exporter.internal.staging.swh.network
+    data: maven-exporter0.internal.staging.swh.network.
 # Non-puppet azure hosts
   pgmirror0.euwest.azure/A:
     record: pgmirror0.euwest.azure.internal.softwareheritage.org
diff --git a/data/subnets/vagrant.yaml b/data/subnets/vagrant.yaml
--- a/data/subnets/vagrant.yaml
+++ b/data/subnets/vagrant.yaml
@@ -221,6 +221,8 @@
     host: vault.internal.staging.swh.network
   10.168.130.70:
     host: maven-exporter0.internal.staging.swh.network
+    aliases:
+      - maven-exporter.internal.staging.swh.network
   10.168.130.80:
     host: search-esnode0.internal.staging.swh.network
   10.168.130.90:
diff --git a/site-modules/profile/manifests/maven_index_exporter.pp b/site-modules/profile/manifests/maven_index_exporter.pp
--- a/site-modules/profile/manifests/maven_index_exporter.pp
+++ b/site-modules/profile/manifests/maven_index_exporter.pp
@@ -101,4 +101,88 @@
       active => true,
     }
   }
+
+  # Vhost declaration
+
+  ::apache::vhost {"${vhost_name}_non-ssl":
+    servername      => $vhost_name,
+    port            => '80',
+    docroot         => $publish_path,
+    manage_docroot  => false,
+    redirect_status => 'permanent',
+    redirect_dest   => "https://${vhost_name}/",
+  }
+
+  ::profile::letsencrypt::certificate {$vhost_name:}
+
+  $cert_paths = ::profile::letsencrypt::certificate_paths($vhost_name)
+  ::apache::vhost {"${vhost_name}_ssl":
+    servername           => $vhost_name,
+    port                 => '443',
+    ssl                  => true,
+    ssl_protocol         => $vhost_ssl_protocol,
+    ssl_honorcipherorder => $vhost_ssl_honorcipherorder,
+    ssl_cipher           => $vhost_ssl_cipher,
+    ssl_cert             => $cert_paths['cert'],
+    ssl_chain            => $cert_paths['chain'],
+    ssl_key              => $cert_paths['privkey'],
+    headers              => [$vhost_hsts_header],
+    docroot              => $publish_path,
+    manage_docroot       => false,
+    require              => [
+      File[$cert_paths['cert']],
+      File[$cert_paths['chain']],
+      File[$cert_paths['privkey']],
+    ],
+  }
+
+  File[$cert_paths['cert'], $cert_paths['chain'], $cert_paths['privkey']] ~> Class['Apache::Service']
+
+  @@::icinga2::object::service {"Maven Index Exporter report http redirect on ${::fqdn}":
+    service_name  => 'maven index exporter report http redirect',
+    import        => ['generic-service'],
+    host_name     => $::fqdn,
+    check_command => 'http',
+    vars          => {
+      http_address => $vhost_name,
+      http_vhost   => $vhost_name,
+      http_uri     => '/',
+    },
+    target        => $icinga_checks_file,
+    tag           => 'icinga2::exported',
+  }
+
+  @@::icinga2::object::service {"Maven Index Exporter report https on ${::fqdn}":
+    service_name  => 'maven index exporter report https',
+    import        => ['generic-service'],
+    host_name     => $::fqdn,
+    check_command => 'http',
+    vars          => {
+      http_address    => $vhost_name,
+      http_vhost      => $vhost_name,
+      http_ssl        => true,
+      http_sni        => true,
+      http_uri        => '/',
+      http_onredirect => sticky
+    },
+    target        => $icinga_checks_file,
+    tag           => 'icinga2::exported',
+  }
+
+  @@::icinga2::object::service {"Maven Index Exporter report https certificate ${::fqdn}":
+    service_name  => 'maven index exporter report https certificate',
+    import        => ['generic-service'],
+    host_name     => $::fqdn,
+    check_command => 'http',
+    vars          => {
+      http_address     => $vhost_name,
+      http_vhost       => $vhost_name,
+      http_ssl         => true,
+      http_sni         => true,
+      http_certificate => 25,
+    },
+    target        => $icinga_checks_file,
+    tag           => 'icinga2::exported',
+  }
+
 }
diff --git a/site-modules/role/manifests/swh_maven_index_exporter.pp b/site-modules/role/manifests/swh_maven_index_exporter.pp
--- a/site-modules/role/manifests/swh_maven_index_exporter.pp
+++ b/site-modules/role/manifests/swh_maven_index_exporter.pp
@@ -1,5 +1,6 @@
 # SWH maven index exporter service
 class role::swh_maven_index_exporter inherits role::swh_base {
   include profile::docker
+  include profile::apache::simple_server
   include profile::maven_index_exporter
 }