diff --git a/deployment/helm/datamate/values.yaml b/deployment/helm/datamate/values.yaml
index 50e29db2..852ad3a5 100644
--- a/deployment/helm/datamate/values.yaml
+++ b/deployment/helm/datamate/values.yaml
@@ -159,7 +159,7 @@ frontend:
     - *logVolume
     - name: cert-volume
       configMap:
-        name: cube-security-cert-cert
+        name: cube-security-nginx-cert
         optional: true
   volumeMounts:
     - name: log-volume
diff --git a/scripts/images/frontend/Dockerfile b/scripts/images/frontend/Dockerfile
index b848a09c..8f806b66 100644
--- a/scripts/images/frontend/Dockerfile
+++ b/scripts/images/frontend/Dockerfile
@@ -23,6 +23,7 @@ COPY scripts/images/frontend/start.sh /opt/frontend/start.sh
 
 RUN dos2unix /opt/frontend/start.sh \
     && chmod +x /opt/frontend/start.sh \
+    && mkdir -p /etc/nginx/cert \
     && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
     && rm -f /etc/nginx/conf.d/default.conf
 
diff --git a/scripts/images/frontend/start.sh b/scripts/images/frontend/start.sh
index 7879b9b1..05f8cdcf 100644
--- a/scripts/images/frontend/start.sh
+++ b/scripts/images/frontend/start.sh
@@ -6,12 +6,12 @@ if [ -f "/cert/server.pem" ]; then
 fi
 
 if [ -f "/cert/server.key" ]; then
-  if openssl rsa -in /cert/server.key -passin pass:test_check -noout 2>/dev/null; then
-    cp /cert/server.key /etc/nginx/cert/server.key
-  else
-    echo "$CERT_PASS" | openssl rsa -in /cert/server.key -out /etc/nginx/cert/server.key -passin stdin
-  fi
-  chown nginx:nginx /etc/nginx/cert/server.key
+    if openssl rsa -in /cert/server.key -passin pass:test_check -noout 2>/dev/null; then
+        cp /cert/server.key /etc/nginx/cert/server.key
+    else
+        echo "$CERT_PASS" | openssl rsa -in /cert/server.key -out /etc/nginx/cert/server.key -passin stdin
+    fi
+    chown nginx:nginx /etc/nginx/cert/server.key
 fi
 
 if [ -f "/etc/nginx/cert/server.pem" ]; then