diff --git a/profiles/apparmor.d/abstractions/ssl_certs b/profiles/apparmor.d/abstractions/ssl_certs
index 7234f061c..9937adda9 100644
--- a/profiles/apparmor.d/abstractions/ssl_certs
+++ b/profiles/apparmor.d/abstractions/ssl_certs
@@ -29,9 +29,9 @@
   /var/lib/acme/certs/*/cert r,
 
   # dehydrated
-  /etc/dehydrated/certs/*/cert-*.pem r,
-  /etc/dehydrated/certs/*/chain-*.pem r,
-  /etc/dehydrated/certs/*/fullchain-*.pem r,
+  /{var/lib,etc}/dehydrated/certs/*/cert-*.pem r,
+  /{var/lib,etc}/dehydrated/certs/*/chain-*.pem r,
+  /{var/lib,etc}/dehydrated/certs/*/fullchain-*.pem r,
 
   # certbot
   /etc/letsencrypt/archive/*/cert*.pem r,
diff --git a/profiles/apparmor.d/abstractions/ssl_keys b/profiles/apparmor.d/abstractions/ssl_keys
index f53d54e0d..37991c59e 100644
--- a/profiles/apparmor.d/abstractions/ssl_keys
+++ b/profiles/apparmor.d/abstractions/ssl_keys
@@ -22,7 +22,7 @@
   /var/lib/acme/keys/** r,
 
   # dehydrated
-  /etc/dehydrated/certs/*/privkey-*.pem r,
+  /{var/lib,etc}/dehydrated/certs/*/privkey-*.pem r,
 
   # certbot / letsencrypt
   /etc/letsencrypt/archive/*/privkey*.pem r,