diff --git a/man/systemd.special.xml b/man/systemd.special.xml
index 1434ead7d5..fe40da7fbe 100644
--- a/man/systemd.special.xml
+++ b/man/systemd.special.xml
@@ -41,6 +41,7 @@
     <filename>hybrid-sleep.target</filename>,
     <filename>suspend-then-hibernate.target</filename>,
     <filename>initrd.target</filename>,
+    <filename>initrd-cryptsetup.target</filename>,
     <filename>initrd-fs.target</filename>,
     <filename>initrd-root-device.target</filename>,
     <filename>initrd-root-fs.target</filename>,
@@ -182,8 +183,10 @@
         <varlistentry>
           <term><filename>cryptsetup.target</filename></term>
           <listitem>
-            <para>A target that pulls in setup services for all
-            encrypted block devices.</para>
+            <para>A target that pulls in setup services for local encrypted block devices.
+            See <filename>remote-cryptsetup.target</filename> below for the equivalent target for remote
+            volumes, and <filename>initrd-cryptsetup.target</filename> below for the equivalent target in the
+            initrd.</para>
           </listitem>
         </varlistentry>
         <varlistentry>
@@ -352,12 +355,20 @@
         <varlistentry>
           <term><filename>initrd.target</filename></term>
           <listitem>
-            <para>This is the default target in the initramfs, similar to <filename>default.target</filename>
+            <para>This is the default target in the initrd, similar to <filename>default.target</filename>
             in the main system. It is used to mount the real root and transition to it. See
             <citerefentry><refentrytitle>bootup</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
             more discussion.</para>
           </listitem>
         </varlistentry>
+        <varlistentry>
+          <term><filename>initrd-cryptsetup.target</filename></term>
+          <listitem>
+            <para>A target that pulls in setup services for all encrypted block devices. See
+            <filename>cryptsetup.target</filename> and <filename>remote-cryptsetup.target</filename> for the
+            equivalent targets in the real root.</para>
+          </listitem>
+        </varlistentry>
         <varlistentry>
           <term><filename>initrd-fs.target</filename></term>
           <listitem>
@@ -549,7 +560,9 @@
             <para>Similar to <filename>cryptsetup.target</filename>, but for encrypted
             devices which are accessed over the network. It is used for
             <citerefentry><refentrytitle>crypttab</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-            entries marked with <option>_netdev</option>.</para>
+            entries marked with <option>_netdev</option>.
+            See <filename>cryptsetup.target</filename> for the equivalent target for local volumes, and
+            <filename>initrd-cryptsetup.target</filename> for the equivalent target in the initrd.</para>
           </listitem>
         </varlistentry>
         <varlistentry>
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
index df589ec3e4..13e9f3aedd 100644
--- a/src/cryptsetup/cryptsetup-generator.c
+++ b/src/cryptsetup/cryptsetup-generator.c
@@ -455,10 +455,16 @@ static int create_disk(
                 }
         }
 
+        const char *target;
+        if (in_initrd())
+                target = "initrd-cryptsetup.target";
+        else if (netdev)
+                target = "remote-cryptsetup.target";
+        else
+                target = "cryptsetup.target";
+
         if (!nofail)
-                fprintf(f,
-                        "Before=%s\n",
-                        netdev ? "remote-cryptsetup.target" : "cryptsetup.target");
+                fprintf(f, "Before=%s\n", target);
 
         if (password && !keydev) {
                 r = print_dependencies(f, password);
@@ -521,8 +527,7 @@ static int create_disk(
                 return log_error_errno(r, "Failed to write unit file %s: %m", n);
 
         if (!noauto) {
-                r = generator_add_symlink(arg_dest,
-                                          netdev ? "remote-cryptsetup.target" : "cryptsetup.target",
+                r = generator_add_symlink(arg_dest, target,
                                           nofail ? "wants" : "requires", n);
                 if (r < 0)
                         return r;
diff --git a/units/initrd-cryptsetup.target b/units/initrd-cryptsetup.target
new file mode 100644
index 0000000000..2a2938c895
--- /dev/null
+++ b/units/initrd-cryptsetup.target
@@ -0,0 +1,17 @@
+#  SPDX-License-Identifier: LGPL-2.1+
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Initrd Encrypted Volumes
+Documentation=man:systemd.special(7)
+OnFailure=emergency.target
+OnFailureJobMode=replace-irreversibly
+AssertPathExists=/etc/initrd-release
+DefaultDependencies=no
+Conflicts=shutdown.target
diff --git a/units/meson.build b/units/meson.build
index 40ffca5058..a55e717868 100644
--- a/units/meson.build
+++ b/units/meson.build
@@ -28,6 +28,8 @@ units = [
         ['hybrid-sleep.target',                 'ENABLE_HIBERNATE'],
         ['suspend-then-hibernate.target',       'ENABLE_HIBERNATE'],
         ['initrd-cleanup.service',              'ENABLE_INITRD'],
+        ['initrd-cryptsetup.target',            'HAVE_LIBCRYPTSETUP ENABLE_INITRD',
+         'sysinit.target.wants/'],
         ['initrd-fs.target',                    'ENABLE_INITRD'],
         ['initrd-parse-etc.service',            'ENABLE_INITRD'],
         ['initrd-root-device.target',           'ENABLE_INITRD'],