diff --git a/charts/mok/Chart.yaml b/charts/mok/Chart.yaml
index 04bbecdd195930e632801f5bcc65061bac0ca507..7ca8ae2328d1cf7f7544762681cac39d5573deca 100644
--- a/charts/mok/Chart.yaml
+++ b/charts/mok/Chart.yaml
@@ -3,7 +3,7 @@ name: mok
 description: |
   Mail on Kubernetes (MoK) is a project to deploy a functional mailserver that runs without a database server on Kubernetes, taking advantage of configmaps and secret.
 type: application
-version: 0.1.1
+version: 0.1.2
 sources:
   - https://de.postfix.org/ftpmirror/index.html
   - https://github.com/dovecot/core
diff --git a/charts/mok/README.md b/charts/mok/README.md
index 6a4f25fb9afda697ae537f214ef4f41e5946fa5d..92a5131735964ff86fe72478dfb082647e8b0270 100644
--- a/charts/mok/README.md
+++ b/charts/mok/README.md
@@ -1,6 +1,6 @@
 # mok
 
-![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
+![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
 
 Mail on Kubernetes (MoK) is a project to deploy a functional mailserver that runs without a database server on Kubernetes, taking advantage of configmaps and secret.
 
@@ -72,6 +72,7 @@ Mail on Kubernetes (MoK) is a project to deploy a functional mailserver that run
 | postfix.securityContext.capabilities.add[3] | string | `"SETUID"` | required to change user id as supervisord as well as postfix |
 | postfix.securityContext.capabilities.add[4] | string | `"SETGID"` | required to change group id as supervisord as well as postfix |
 | postfix.securityContext.capabilities.add[5] | string | `"FOWNER"` | required to set up the chroot directory on startup |
+| postfix.securityContext.capabilities.add[6] | string | `"DAC_OVERRIDE"` | required to setup TLS and alike |
 | postfix.securityContext.capabilities.drop[0] | string | `"ALL"` | getting rid of all capabilities since we already have too many |
 | postfix.securityContext.runAsNonRoot | bool | `false` |  |
 | postfix.service.public.type | string | `"LoadBalancer"` | type of the public endpoint for smtp, submission, and submissions. **Note**: It's configured to share the IP with dovecot in case of metallb |
diff --git a/charts/mok/values.yaml b/charts/mok/values.yaml
index aaf82844678a9cbe3aeb129d935fa69a05f107ba..63b7b95d59387b4740a726ee5fdf423744a3b047 100644
--- a/charts/mok/values.yaml
+++ b/charts/mok/values.yaml
@@ -69,6 +69,8 @@ postfix:
         - SETGID
         # -- required to set up the chroot directory on startup
         - FOWNER
+        # -- required to setup TLS and alike
+        - DAC_OVERRIDE
       drop:
         # -- getting rid of all capabilities since we already have too many
         - ALL