diff --git a/net/acme-acmesh/files/hook.sh b/net/acme-acmesh/files/hook.sh
index 149a3e751a..4eb3f04fad 100644
--- a/net/acme-acmesh/files/hook.sh
+++ b/net/acme-acmesh/files/hook.sh
@@ -2,8 +2,8 @@
 set -u
 ACME=/usr/lib/acme/client/acme.sh
 LOG_TAG=acme-acmesh
-# webroot option deprecated, use the hardcoded value directly in the next major version
-WEBROOT=${webroot:-$challenge_dir}
+# webroot option deprecated, use the exported value directly in the next major version
+WEBROOT=${webroot:-$CHALLENGE_DIR}
 NOTIFY=/usr/lib/acme/notify
 
 # shellcheck source=net/acme/files/functions.sh
@@ -13,6 +13,28 @@ NOTIFY=/usr/lib/acme/notify
 export CURL_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
 export NO_TIMESTAMP=1
 
+link_certs()
+{
+    local main_domain
+    local domain_dir
+    domain_dir="$1"
+    main_domain="$2"
+
+
+    if [ ! -e "$CERT_DIR/$main_domain.crt" ]; then
+		ln -s "$domain_dir/$main_domain.cer" "$CERT_DIR/$main_domain.crt"
+    fi
+    if [ ! -e "$CERT_DIR/$main_domain.key" ]; then
+		ln -s "$domain_dir/$main_domain.key" "$CERT_DIR/$main_domain.key"
+    fi
+    if [ ! -e "$CERT_DIR/$main_domain.fullchain.crt" ]; then
+		ln -s "$domain_dir/fullchain.cer" "$CERT_DIR/$main_domain.fullchain.crt"
+    fi
+    if [ ! -e "$CERT_DIR/$main_domain.chain.crt" ]; then
+		ln -s "$domain_dir/ca.cer" "$CERT_DIR/$main_domain.chain.crt"
+    fi
+}
+
 case $1 in
 get)
 	set --
@@ -45,20 +67,7 @@ get)
 
 			case $status in
 			0)
-				mkdir -p /etc/ssl/acme
-				if [ ! -e "/etc/ssl/acme/$main_domain.crt" ]; then
-					ln -s "$domain_dir/$main_domain.cer" "/etc/ssl/acme/$main_domain.crt"
-				fi
-				if [ ! -e "/etc/ssl/acme/$main_domain.key" ]; then
-					ln -s "$domain_dir/$main_domain.key" "/etc/ssl/acme/$main_domain.key"
-				fi
-				if [ ! -e "/etc/ssl/acme/$main_domain.fullchain.crt" ]; then
-					ln -s "$domain_dir/fullchain.cer" "/etc/ssl/acme/$main_domain.fullchain.crt"
-				fi
-				if [ ! -e "/etc/ssl/acme/$main_domain.chain.crt" ]; then
-					ln -s "$domain_dir/ca.cer" "/etc/ssl/acme/$main_domain.chain.crt"
-				fi
-
+                                link_certs "$domain_dir" "$main_domain"
 				$NOTIFY renewed
 				exit
 				;;
@@ -124,10 +133,7 @@ get)
 
 	case $status in
 	0)
-		ln -s "$domain_dir/$main_domain.cer" "/etc/ssl/acme/$main_domain.crt"
-		ln -s "$domain_dir/$main_domain.key" "/etc/ssl/acme/$main_domain.key"
-		ln -s "$domain_dir/fullchain.cer" "/etc/ssl/acme/$main_domain.fullchain.crt"
-		ln -s "$domain_dir/ca.cer" "/etc/ssl/acme/$main_domain.chain.crt"
+                link_certs "$domain_dir" "$main_domain"
 		$NOTIFY issued
 		;;
 	*)