diff --git a/docker-compose.yml b/docker-compose.yml
index fcb50aa..06de069 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -25,6 +25,7 @@ services:
 - ./data/prosody:/var/lib/prosody
 - ./logs/prosody:/var/log/prosody
 - ./data/prosody/configuration:/etc/prosody/conf.d
+ - /etc/letsencrypt/live/xmpp.guschin.info:/etc/prosody/certs/letsencrypt:ro
 restart: unless-stopped
 mem_limit: 200M
 healthcheck:
diff --git a/entrypoint.sh b/entrypoint.sh
index 2e0e9ef..aea00cd 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -38,12 +38,18 @@ fi
 # (directories are already created in Dockerfile with proper ownership)
 touch /var/log/prosody/prosody.log /var/log/prosody/prosody.err 2>/dev/null || true
-# Generate self-signed certificate if needed
+# Use Let's Encrypt certificate if available, otherwise generate self-signed
 CERT_PATH="/etc/prosody/certs/xmpp.guschin.info.crt"
 KEY_PATH="/etc/prosody/certs/xmpp.guschin.info.key"
+LETSENCRYPT_CERT="/etc/prosody/certs/letsencrypt/fullchain.pem"
+LETSENCRYPT_KEY="/etc/prosody/certs/letsencrypt/privkey.pem"
-if [ ! -f "$CERT_PATH" ] || [ ! -f "$KEY_PATH" ]; then
- echo "Generating self-signed certificate..."
+if [ -f "$LETSENCRYPT_CERT" ] && [ -f "$LETSENCRYPT_KEY" ]; then
+ echo "Using Let's Encrypt certificate..."
+ ln -sf "$LETSENCRYPT_CERT" "$CERT_PATH"
+ ln -sf "$LETSENCRYPT_KEY" "$KEY_PATH"
+elif [ ! -f "$CERT_PATH" ] || [ ! -f "$KEY_PATH" ]; then
+ echo "Let's Encrypt certificate not found, generating self-signed certificate..."
 openssl req -x509 -newkey rsa:4096 -keyout "$KEY_PATH" -out "$CERT_PATH" \
 -days 365 -nodes -subj "/CN=xmpp.guschin.info"
 chmod 600 "$KEY_PATH"
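Review bot: The added bind mount exposes only `/etc/letsencrypt/live/xmpp.guschin.info`, and in certbot's standard layout the files there are relative symlinks into `../../archive/`, which is not mounted, so `fullchain.pem` and `privkey.pem` would likely resolve to nothing inside the container. The entrypoint's `[ -f ... ]` test follows symlinks, so it would then fail and the service would quietly fall back to the self-signed certificate. Mounting the archive tree at the matching relative path, or having a renewal deploy hook copy just this domain's two files into a dedicated directory that is mounted instead, keeps the paths valid. The copy approach also avoids exposing other domains' keys and the ACME account key, which a mount of all of `/etc/letsencrypt` would hand to the container. The service definition continues outside the hunk.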
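Review bot: The new `if [ -f "$LETSENCRYPT_CERT" ] && [ -f "$LETSENCRYPT_KEY" ]` branch checks only that the files exist, not that the account Prosody runs as can read them. Certbot normally leaves `privkey.pem` readable by root only and `ln -sf` does not change that, so if Prosody runs unprivileged (the ownership comment above suggests it may) TLS can fail after a seemingly clean start. Testing with `[ -r "$LETSENCRYPT_KEY" ]` as the service user, or copying the pair into `/etc/prosody/certs` and applying the same `chmod 600` the self-signed branch uses, would surface the problem at startup. Separately, once the symlinks exist and the mount later goes missing, the `elif` branch runs `openssl req` through dangling links into a read-only or absent path; adding `rm -f "$CERT_PATH" "$KEY_PATH"` before it avoids that. The `if` block continues past the end of the hunk.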