diff --git a/roles/ocserv/files/reload-ocserv.sh b/roles/ocserv/files/reload-ocserv.sh
new file mode 100644
index 0000000..6cdbfd2
--- /dev/null
+++ b/roles/ocserv/files/reload-ocserv.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+/sbin/service ocserv reload
diff --git a/roles/ocserv/tasks/main.yml b/roles/ocserv/tasks/main.yml
index 3201c77..25f23af 100644
--- a/roles/ocserv/tasks/main.yml
+++ b/roles/ocserv/tasks/main.yml
@@ -53,6 +53,12 @@
   loop: '{{ vpn.routes | dict2items }}'
   notify: restart ocserv
 
+- name: Install certificate renewal deployment hook
+  copy:
+    dest: /etc/letsencrypt/renewal-hooks/deploy/
+    src: reload-ocserv.sh
+    mode: 0755
+
 - name: Create ocserv service override directory
   file:
     path: /etc/systemd/system/ocserv.service.d