diff --git a/Containers/apache/Caddyfile b/Containers/apache/Caddyfile index fb6b80cb377..121f1778a14 100644 --- a/Containers/apache/Caddyfile +++ b/Containers/apache/Caddyfile @@ -14,6 +14,7 @@ } } +https://{$ADDITIONAL_TRUSTED_DOMAIN}:443, {$PROTOCOL}://{$NC_DOMAIN}:{$APACHE_PORT} { # Collabora diff --git a/Containers/apache/start.sh b/Containers/apache/start.sh index 06adb8820c4..9b89c2b59d5 100644 --- a/Containers/apache/start.sh +++ b/Containers/apache/start.sh @@ -51,6 +51,12 @@ else fi echo "$CADDYFILE" > /tmp/Caddyfile +# Remove additional domain if not given +if [ -z "$ADDITIONAL_TRUSTED_DOMAIN" ]; then + CADDYFILE="$(sed '/ADDITIONAL_TRUSTED_DOMAIN/d' /tmp/Caddyfile)" +fi +echo "$CADDYFILE" > /tmp/Caddyfile + # Fix the Caddyfile format caddy fmt --overwrite /tmp/Caddyfile diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index 213fdaed90d..c2dbebedf52 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -528,6 +528,9 @@ php /var/www/html/occ config:system:set trusted_proxies 1 --value="::1" if [ -n "$ADDITIONAL_TRUSTED_PROXY" ]; then php /var/www/html/occ config:system:set trusted_proxies 2 --value="$ADDITIONAL_TRUSTED_PROXY" fi +if [ -n "$ADDITIONAL_TRUSTED_DOMAIN" ]; then + php /var/www/html/occ config:system:set trusted_domains 2 --value="$ADDITIONAL_TRUSTED_DOMAIN" +fi php /var/www/html/occ config:app:set notify_push base_endpoint --value="https://$NC_DOMAIN/push" # Collabora diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml index d7f57ff3808..c6f41223ca2 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml 
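Review bot: The added site address hard-codes `https://` and port `443`, while the address it shares the block with is built from `{$PROTOCOL}` and `{$APACHE_PORT}`. If a deployment sets those to plain HTTP on another port behind a reverse proxy (inferred from the placeholders; the rest of the Caddyfile is outside this hunk), setting ADDITIONAL_TRUSTED_DOMAIN still makes Caddy serve TLS on 443 and request a certificate for that name. The line is also only valid because start.sh deletes it when the variable is empty. A comment above it such as `# ADDITIONAL_TRUSTED_DOMAIN address: always HTTPS on 443; start.sh removes this line when the variable is unset` would record both facts, and since it contains the variable name the same sed removes it too.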
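Review bot: ADDITIONAL_TRUSTED_DOMAIN reaches the Caddyfile without any format check; the new block only handles the empty case. Caddy substitutes `{$VAR}` placeholders as text before it parses the file, so a value containing whitespace, a comma or a brace changes the site-address list or the block structure instead of failing cleanly. A guard before the file is written, e.g. `case "$ADDITIONAL_TRUSTED_DOMAIN" in *[!A-Za-z0-9.-]*) echo "ADDITIONAL_TRUSTED_DOMAIN is not a valid hostname" >&2; exit 1;; esac`, rejects such values early. The second `echo "$CADDYFILE" > /tmp/Caddyfile` belongs inside the `if`, since the same content was already written just before the new block.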
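Review bot: Slot `trusted_domains 2` is only ever written, never cleared, because the new `if` has no `else`. Once ADDITIONAL_TRUSTED_DOMAIN has been set, removing the variable later leaves the old hostname trusted in the stored config. Adding `else` followed by `php /var/www/html/occ config:system:delete trusted_domains 2` keeps the stored list in step with the environment. Writing a fixed index also replaces whatever an administrator may have put at index 2 by hand; which indexes the script manages elsewhere is not visible in this hunk.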
@@ -37,6 +37,8 @@ spec: mountPath: /nextcloud-aio-nextcloud containers: - env: + - name: ADDITIONAL_TRUSTED_DOMAIN + value: "{{ .Values.ADDITIONAL_TRUSTED_DOMAIN }}" - name: APACHE_MAX_SIZE value: "{{ .Values.APACHE_MAX_SIZE }}" - name: APACHE_MAX_TIME diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index 64562d6dc80..ad56d325738 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -70,6 +70,8 @@ spec: value: "{{ .Values.APPS_ALLOWLIST }}" - name: ADDITIONAL_TRUSTED_PROXY value: "{{ .Values.ADDITIONAL_TRUSTED_PROXY }}" + - name: ADDITIONAL_TRUSTED_DOMAIN + value: "{{ .Values.ADDITIONAL_TRUSTED_DOMAIN }}" - name: SERVERINFO_TOKEN value: "{{ .Values.SERVERINFO_TOKEN }}" - name: ADDITIONAL_APKS @@ -112,8 +114,6 @@ spec: value: nextcloud-aio-onlyoffice - name: ONLYOFFICE_SECRET value: "{{ .Values.ONLYOFFICE_SECRET }}" - - name: OVERWRITEHOST - value: "{{ .Values.NC_DOMAIN }}" - name: OVERWRITEPROTOCOL value: https - name: PHP_MAX_TIME @@ -158,7 +158,7 @@ spec: value: "{{ .Values.TIMEZONE }}" - name: UPDATE_NEXTCLOUD_APPS value: "{{ .Values.UPDATE_NEXTCLOUD_APPS }}" - image: nextcloud/aio-nextcloud:20240124_105749-latest + image: nextcloud/aio-nextcloud:20240124_10574-latest name: nextcloud-aio-nextcloud ports: - containerPort: 9000 diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index bfc7fbff2db..20cd2f7009d 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh 
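Review bot: The image tag loses a digit in the last hunk of nextcloud-aio-nextcloud-deployment.yaml: `20240124_105749-latest` becomes `20240124_10574-latest`. That no longer matches the timestamp format of the old value and looks like an accidental hand edit of a generated template (update-helm.sh rewrites `:latest` to `:$DOCKER_TAG-latest`). If the tag does not exist the pod fails to pull, and if it ever does exist the chart runs an image nobody intended. Restore `image: nextcloud/aio-nextcloud:20240124_105749-latest` or regenerate the template with the script.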
@@ -27,6 +27,7 @@ sed -i 's|^|export |' /tmp/sample.conf # shellcheck disable=SC1091 source /tmp/sample.conf rm /tmp/sample.conf +sed -i '/OVERWRITEHOST/d' latest.yml sed -i "s|:latest$|:$DOCKER_TAG-latest|" latest.yml sed -i "s|\${APACHE_IP_BINDING}:||" latest.yml sed -i '/APACHE_IP_BINDING/d' latest.yml @@ -255,12 +256,23 @@ cat << EOL > /tmp/additional.config value: "{{ .Values.APPS_ALLOWLIST }}" - name: ADDITIONAL_TRUSTED_PROXY value: "{{ .Values.ADDITIONAL_TRUSTED_PROXY }}" + - name: ADDITIONAL_TRUSTED_DOMAIN + value: "{{ .Values.ADDITIONAL_TRUSTED_DOMAIN }}" - name: SERVERINFO_TOKEN value: "{{ .Values.SERVERINFO_TOKEN }}" EOL # shellcheck disable=SC1083 find ./ -name '*nextcloud-deployment.yaml' -exec sed -i "/^.*\- env:/r /tmp/additional.config" \{} \; +# Additional config +cat << EOL > /tmp/additional-apache.config + - name: ADDITIONAL_TRUSTED_DOMAIN + value: "{{ .Values.ADDITIONAL_TRUSTED_DOMAIN }}" +EOL +# shellcheck disable=SC1083 +find ./ -name '*apache-deployment.yaml' -exec sed -i "/^.*\- env:/r /tmp/additional-apache.config" \{} \; + + cd ../ mkdir -p ../helm-chart/ rm latest/Chart.yaml 
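Review bot: The new `sed -i '/OVERWRITEHOST/d' latest.yml` drops a security-relevant setting with no explanation at the line. OVERWRITEHOST pins the host Nextcloud uses when it builds URLs, so without it the chart presumably depends on the `trusted_domains` list to decide which Host values are accepted. A comment such as `# Drop OVERWRITEHOST so a request for ADDITIONAL_TRUSTED_DOMAIN is not rewritten to NC_DOMAIN; trusted_domains now gates the Host header` would record the reason, if that is the intent.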
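Review bot: `/tmp/additional-apache.config` is a fixed, predictable path that the new block writes through a redirect and never removes. On a shared build host a file or symlink already sitting at that name is followed by the redirect, so the write can land somewhere the script did not intend. Prefer `apache_env_config="$(mktemp)"`, use `"$apache_env_config"` as the heredoc target and as the file in the `sed ... r` expression, and finish with `rm -f -- "$apache_env_config"`. The comment `# Additional config` could also say that these env entries are for the apache deployment. The `/tmp/additional.config` heredoc that starts above this hunk follows the same pattern.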
@@ -305,6 +317,7 @@ SUBSCRIPTION_KEY: # This allows to set the Nextcloud Enterprise key via E SERVERINFO_TOKEN: # This allows to set the serverinfo app token for monitoring your Nextcloud via the serverinfo app APPS_ALLOWLIST: # This allows to configure allowed apps that will be shown in Nextcloud's Appstore. You need to enter the app-IDs of the apps here and separate them with spaces. E.g. 'files richdocuments' ADDITIONAL_TRUSTED_PROXY: # Allows to add one additional ip-address to Nextcloud's trusted proxies and to the Office WOPI-allowlist automatically. Set it e.g. like this: 'your.public.ip-address'. You can also use an ip-range here. +ADDITIONAL_TRUSTED_DOMAIN: # Allows to add one domain to Nextcloud's trusted domains and also generates a certificate automatically for it SMTP_HOST: # (empty by default): The hostname of the SMTP server. SMTP_SECURE: # (empty by default): Set to 'ssl' to use SSL, or 'tls' to use STARTTLS. SMTP_PORT: # (default: '465' for SSL and '25' for non-secure connections): Optional port for the SMTP connection. Use '587' for an alternative port for STARTTLS. diff --git a/nextcloud-aio-helm-chart/values.yaml b/nextcloud-aio-helm-chart/values.yaml index f81e9d3c075..16d7cd5167f 100755 --- a/nextcloud-aio-helm-chart/values.yaml +++ b/nextcloud-aio-helm-chart/values.yaml 
@@ -51,6 +51,7 @@ SUBSCRIPTION_KEY: # This allows to set the Nextcloud Enterprise key via E SERVERINFO_TOKEN: # This allows to set the serverinfo app token for monitoring your Nextcloud via the serverinfo app APPS_ALLOWLIST: # This allows to configure allowed apps that will be shown in Nextcloud's Appstore. You need to enter the app-IDs of the apps here and separate them with spaces. E.g. 'files richdocuments' ADDITIONAL_TRUSTED_PROXY: # Allows to add one additional ip-address to Nextcloud's trusted proxies and to the Office WOPI-allowlist automatically. Set it e.g. like this: 'your.public.ip-address'. You can also use an ip-range here. +ADDITIONAL_TRUSTED_DOMAIN: # Allows to add one domain to Nextcloud's trusted domains and also generates a certificate automatically for it SMTP_HOST: # (empty by default): The hostname of the SMTP server. SMTP_SECURE: # (empty by default): Set to 'ssl' to use SSL, or 'tls' to use STARTTLS. SMTP_PORT: # (default: '465' for SSL and '25' for non-secure connections): Optional port for the SMTP connection. Use '587' for an alternative port for STARTTLS.