diff --git a/Dockerfile b/Dockerfile
index 2add08e9b..f895636ee 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -71,12 +71,12 @@ RUN apk upgrade --no-cache -a && \
sed -i "s|APPSEC_PROCESS_TIMEOUT=.*|APPSEC_PROCESS_TIMEOUT=10000|g" /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf
-FROM zoeyvid/nginx-quic:352-python
+FROM zoeyvid/nginx-quic:356-python
SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
COPY rootfs /
-COPY --from=zoeyvid/certbot-docker:64 /usr/local /usr/local
-COPY --from=zoeyvid/curl-quic:426 /usr/local/bin/curl /usr/local/bin/curl
+COPY --from=zoeyvid/certbot-docker:65 /usr/local /usr/local
+COPY --from=zoeyvid/curl-quic:427 /usr/local/bin/curl /usr/local/bin/curl
COPY --from=strip-backend /app /app
COPY --from=frontend /app/dist /html/frontend
diff --git a/README.md b/README.md
index eaa2161ec..0d8b02b23 100644
--- a/README.md
+++ b/README.md
@@ -12,7 +12,8 @@ running at home or otherwise, including free TLS, without having to know too muc
**Note: add `net.ipv4.ip_unprivileged_port_start=0` at the end of `/etc/sysctl.conf` to support PUID/PGID in network mode host.**
**Note: Don't forget to open Port 80 (tcp) and 443 (tcp AND udp, http3/quic needs udp) in your firewall (because of network mode host, you also need to open this ports in ufw, if you use ufw).**
-**Note: If you don't use network mode host, which I don't recommend, don't forget to also expose port 443/udp (http3/quic needs udp), to enable IPv6 in Docker see step 1 and 2 [here](https://github.com/nextcloud/all-in-one/blob/main/docker-ipv6-support.md).**
+**Note: If you don't use network mode host, which I don't recommend, don't forget to also expose port 443/udp (http3/quic needs udp) and to enable IPv6 in Docker see step 1 and 2 [here](https://github.com/nextcloud/all-in-one/blob/main/docker-ipv6-support.md).**
+**MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING: please see/read/use the ACME_MUST_STAPLE env option of the compose.yaml**
## Project Goal