diff --git a/site-modules/profile/manifests/stats_web.pp b/site-modules/profile/manifests/stats_web.pp
index 14252118..d2637bef 100644
--- a/site-modules/profile/manifests/stats_web.pp
+++ b/site-modules/profile/manifests/stats_web.pp
@@ -1,55 +1,53 @@
 # Deployment of web-facing stats export (from munin)
 class profile::stats_web {
   $vhost_name = lookup('stats_export::vhost::name')
   $vhost_docroot = lookup('stats_export::vhost::docroot')
   $vhost_ssl_protocol = lookup('stats_export::vhost::ssl_protocol')
   $vhost_ssl_honorcipherorder = lookup('stats_export::vhost::ssl_honorcipherorder')
   $vhost_ssl_cipher = lookup('stats_export::vhost::ssl_cipher')
   $vhost_hsts_header = lookup('stats_export::vhost::hsts_header')
 
   file {$vhost_docroot:
     ensure  => directory,
     owner   => 'www-data',
     group   => 'www-data',
     mode    => '0755',
   }
 
   include ::profile::apache::common
-  include ::profile::ssl
 
   ::apache::vhost {"${vhost_name}_non-ssl":
     servername      => $vhost_name,
     port            => '80',
     docroot         => $vhost_docroot,
     redirect_status => 'permanent',
     redirect_dest   => "https://${vhost_name}/",
   }
 
-  $ssl_cert_name = 'stats_export_softwareheritage_org'
-  $ssl_cert = $::profile::ssl::certificate_paths[$ssl_cert_name]
-  $ssl_chain   = $::profile::ssl::chain_paths[$ssl_cert_name]
-  $ssl_key  = $::profile::ssl::private_key_paths[$ssl_cert_name]
+  $ssl_cert_name = 'stats_export'
+  ::profile::letsencrypt::certificate {$ssl_cert_name:}
+  $cert_paths = ::profile::letsencrypt::certificate_paths($ssl_cert_name)
 
   ::apache::vhost {"${vhost_name}_ssl":
     servername           => $vhost_name,
     port                 => '443',
     ssl                  => true,
     ssl_protocol         => $vhost_ssl_protocol,
     ssl_honorcipherorder => $vhost_ssl_honorcipherorder,
     ssl_cipher           => $vhost_ssl_cipher,
-    ssl_cert             => $ssl_cert,
-    ssl_chain            => $ssl_chain,
-    ssl_key              => $ssl_key,
+    ssl_cert             => $cert_paths['cert'],
+    ssl_chain            => $cert_paths['chain'],
+    ssl_key              => $cert_paths['privkey'],
     headers              => [$vhost_hsts_header],
     docroot              => $vhost_docroot,
     proxy_pass           => {
       path => '/',
       url  => 'http://munin.internal.softwareheritage.org/export/'
     },
     require              => [
-        File[$ssl_cert],
+        Profile::Letsencrypt::Certificate[$ssl_cert_name],
         File[$ssl_chain],
         File[$ssl_key],
      ],
   }
 }