diff --git a/security/acme-client/Makefile b/security/acme-client/Makefile
index 22d30a042..9f8906b31 100644
--- a/security/acme-client/Makefile
+++ b/security/acme-client/Makefile
@@ -1,5 +1,5 @@
 PLUGIN_NAME=		acme-client
-PLUGIN_VERSION=		4.12
+PLUGIN_VERSION=		4.13
 PLUGIN_COMMENT=		ACME Client
 PLUGIN_MAINTAINER=	opnsense@moov.de
 PLUGIN_DEPENDS=		acme.sh py${PLUGIN_PYTHON}-dns-lexicon
diff --git a/security/acme-client/pkg-descr b/security/acme-client/pkg-descr
index 4402d75ce..9fbe37ce3 100644
--- a/security/acme-client/pkg-descr
+++ b/security/acme-client/pkg-descr
@@ -8,6 +8,20 @@ WWW: https://github.com/acmesh-official/acme.sh
 Plugin Changelog
 ================
 
+4.13
+
+Added:
+* add support for ACME profiles (#5154)
+* add support for deploy hook "Ruckus" (#5157)
+* add support for Spaceship.com DNS API (#5158)
+* add global access key option for TransIP DNS API (#5166)
+
+Changed:
+* allow setting renewal interval to 0 (#5168)
+
+Fixed:
+* remove duplicate slashes in nsupdate, TransIP, OPNsense, TLS ALPN challenge types (#5166)
+
 4.12
 
 Added:
diff --git a/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/DnsNsupdate.php b/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/DnsNsupdate.php
index 999276751..fba6d3662 100644
--- a/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/DnsNsupdate.php
+++ b/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/DnsNsupdate.php
@@ -40,7 +40,7 @@ class DnsNsupdate extends Base implements LeValidationInterface
     public function prepare()
     {
         $configdir = (string)sprintf(self::ACME_CONFIG_DIR, $this->cert_id);
-        $secret_key_filename = "{$configdir}/secret.key";
+        $secret_key_filename = "{$configdir}secret.key";
         $secret_key_data = (string)$this->config->dns_nsupdate_key . "\n";
         file_put_contents($secret_key_filename, $secret_key_data);
 
diff --git a/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/DnsTransip.php b/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/DnsTransip.php
index e87ff3db2..b62043acf 100644
--- a/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/DnsTransip.php
+++ b/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/DnsTransip.php
@@ -40,7 +40,7 @@ class DnsTransip extends Base implements LeValidationInterface
     public function prepare()
     {
         $configdir = (string)sprintf(self::ACME_CONFIG_DIR, $this->cert_id);
-        $secret_key_filename = "{$configdir}/secret.key";
+        $secret_key_filename = "{$configdir}secret.key";
         $secret_key_data = (string)$this->config->dns_transip_key . "\n";
         file_put_contents($secret_key_filename, $secret_key_data);
 
diff --git a/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/HttpOpnsense.php b/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/HttpOpnsense.php
index 03ca5e97c..bbb2cb594 100644
--- a/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/HttpOpnsense.php
+++ b/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/HttpOpnsense.php
@@ -127,10 +127,10 @@ class HttpOpnsense extends Base implements LeValidationInterface
         }
 
         // Create temporary port forward to allow acme challenges to get through
-        File::file_put_contents("{$configdir}/acme_anchor_setup", "rdr-anchor \"acme-client\"\n", 0600);
+        File::file_put_contents("{$configdir}acme_anchor_setup", "rdr-anchor \"acme-client\"\n", 0600);
         Shell::run_safe('/sbin/pfctl -f %s', ["{$configdir}/acme_anchor_setup"]);
-        File::file_put_contents("{$configdir}/acme_anchor_rules", $anchor_rules, 0600);
-        Shell::run_safe('/sbin/pfctl -a %s -f %s', ['acme-client', "{$configdir}/acme_anchor_rules"]);
+        File::file_put_contents("{$configdir}acme_anchor_rules", $anchor_rules, 0600);
+        Shell::run_safe('/sbin/pfctl -a %s -f %s', ['acme-client', "{$configdir}acme_anchor_rules"]);
     }
 
     public function cleanup()
diff --git a/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/TlsalpnAcme.php b/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/TlsalpnAcme.php
index df5819600..f662e90a2 100644
--- a/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/TlsalpnAcme.php
+++ b/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/TlsalpnAcme.php
@@ -128,10 +128,10 @@ class TlsalpnAcme extends Base implements LeValidationInterface
         }
 
         // Create temporary port forward to allow acme challenges to get through
-        File::file_put_contents("{$configdir}/acme_anchor_setup", "rdr-anchor \"acme-client\"\n", 0600);
+        File::file_put_contents("{$configdir}acme_anchor_setup", "rdr-anchor \"acme-client\"\n", 0600);
         Shell::run_safe('/sbin/pfctl -f %s', ["{$configdir}/acme_anchor_setup"]);
-        File::file_put_contents("{$configdir}/acme_anchor_rules", $anchor_rules, 0600);
-        Shell::run_safe("/sbin/pfctl -a %s -f %s", ['acme-client', "{$configdir}/acme_anchor_rules"]);
+        File::file_put_contents("{$configdir}acme_anchor_rules", $anchor_rules, 0600);
+        Shell::run_safe("/sbin/pfctl -a %s -f %s", ['acme-client', "{$configdir}acme_anchor_rules"]);
     }
 
     public function cleanup()