diff --git a/.gitlab/ci_scripts/install_zerossl_issuer.sh b/.gitlab/ci_scripts/install_zerossl_issuer.sh
index 8d026829eb1ca2cb0e85a2021865f5a026d3cf3e..93ce50fbb393b2976b3ef827c259f0603bf80728 100755
--- a/.gitlab/ci_scripts/install_zerossl_issuer.sh
+++ b/.gitlab/ci_scripts/install_zerossl_issuer.sh
@@ -9,7 +9,6 @@
 set -euo pipefail
 
 # Create secret with HMAC key
-b64secret=$(echo -n "${ZEROSSL_EAB_HMAC_KEY}" | base64 -w0)
 b64tlskey=$(echo -n "${ZEROSSL_TLS_KEY}" | base64 -w0)
 
 # Wait until cert-manager is ready
@@ -26,14 +25,6 @@ metadata:
 data:
   tls.key: ${b64tlskey}
 ---
-apiVersion: v1
-kind: Secret
-metadata:
-  namespace: cert-manager
-  name: zerossl-eabsecret
-data:
-  secret: ${b64secret}
----
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
@@ -42,13 +33,10 @@ spec:
   acme:
     # The ACME server URL
     server: https://acme.zerossl.com/v2/DV90
+    disableAccountKeyGeneration: true
     externalAccountBinding:
       keyID: ${ZEROSSL_EAB_KID}
-      keySecretRef:
-        name: zerossl-eabsecret
-        key: secret
     # Name of the secret used to get the ACME account private key
-    disableAccountKeyGeneration: true
     privateKeySecretRef:
       name: zerossl-prod
     solvers: