diff --git a/quico_znc_nginx_reload.sh b/quico_znc_nginx_reload.sh
new file mode 100755
index 0000000..83975bf
--- /dev/null
+++ b/quico_znc_nginx_reload.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+reverse_fqdn_cert_id="${1:?}"
+
+# Prep dirs
+mkdir -p '/etc/pki/tls/certs/quico-ops/'{'user/'{'nginx','znc'}}'/'"${reverse_fqdn_cert_id}"
+chown -R 'znc:znc' '/etc/pki/tls/certs/quico-ops/user/znc'
+chmod -R 'u=rwX,go=' '/etc/pki/tls/certs/quico-ops/user/znc'
+chown -R 'nginx:nginx' '/etc/pki/tls/certs/quico-ops/user/nginx'
+chmod -R 'u=rwX,go=' '/etc/pki/tls/certs/quico-ops/user/nginx'
+
+# Prep ZNC
+rsync -a '/etc/pki/tls/certs/quico-ops/system/'"${reverse_fqdn_cert_id}"'/' '/etc/pki/tls/certs/quico-ops/user/znc/'"${reverse_fqdn_cert_id}"'/'
+cat '/etc/pki/tls/certs/quico-ops/user/znc/'"${reverse_fqdn_cert_id}"'/'{''"${reverse_fqdn_cert_id}"'.key','fullchain.cer'} > '/etc/pki/tls/certs/quico-ops/user/znc/'"${reverse_fqdn_cert_id}"'/znc.pem'
+chown -R 'znc:znc' '/etc/pki/tls/certs/quico-ops/user/znc'
+chmod -R 'u=rwX,go=' '/etc/pki/tls/certs/quico-ops/user/znc'
+
+# Prep Nginx
+rsync -a '/etc/pki/tls/certs/quico-ops/system/'"${reverse_fqdn_cert_id}"'/' '/etc/pki/tls/certs/quico-ops/user/nginx/'"${reverse_fqdn_cert_id}"'/'
+chown -R 'nginx:nginx' '/etc/pki/tls/certs/quico-ops/user/nginx'
+chmod -R 'u=rwX,go=' '/etc/pki/tls/certs/quico-ops/user/nginx'
+
+# Reload Nginx if active. ZNC on the other hand always delivers newest cert.
+# We don't have to care if ZNC is running.
+if systemctl --quiet is-active nginx.service; then
+ nginx -t && nginx -s reload
+fi
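Review bot: The `mkdir -p` line under "# Prep dirs" does not create the `user/nginx` and `user/znc` trees, because the outer brace pair in `{'user/'{'nginx','znc'}}` has no comma at its own level, so bash keeps those braces literal and creates `{user/nginx}/…` and `{user/znc}/…` instead. Writing it as `mkdir -p '/etc/pki/tls/certs/quico-ops/user/'{'nginx','znc'}'/'"${reverse_fqdn_cert_id}"` gives the intended paths. The script also never sets `set -euo pipefail`, so a failed `mkdir` or `rsync` does not stop the later `cat … > znc.pem`, whose redirect truncates the bundle ZNC serves before the new content is known to be good; failing fast and writing to a temporary file that is then moved into place with `mv` would leave the previous bundle intact on error. Because the argument is spliced into paths that receive a recursive `chown` and `chmod`, it would also be worth rejecting any value that is not a single path component (one containing `/`, or equal to `.` or `..`) right after the `"${1:?}"` assignment; how the script is invoked is not visible in this diff.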