diff --git a/handlers/main.yml b/handlers/main.yml
index 438fbd4..350f942 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -4,7 +4,6 @@
   service:
     name: httpd
     state: restarted
-  when: apache_restart
 
 - name: restart zabbix_agentd
   service:
diff --git a/tasks/certbot.yml b/tasks/certbot.yml
index ccfb076..730f0e5 100644
--- a/tasks/certbot.yml
+++ b/tasks/certbot.yml
@@ -1,7 +1,10 @@
 ---
 - name: install certbot
   package:
-    name: certbot
+    name:
+     - certbot
+     - mod_ssl
+
     state: present
 
 - name: install apache config file without ssl
@@ -24,13 +27,13 @@
 - name: generate certificates for domaine and subdomains
   vars:
     subdomains: "-d {{ apache_server_alias | join( ' -d ' ) }}"
-  command: certbot certonly --agree-tos --non-interactive -m {{ apache_ssl_root_email }} --webroot --webroot-path {{ apache_document_root }} -d {{ apache_server_name }} {{ subdomains }}
+  command: certbot certonly --agree-tos --non-interactive -m {{ apache_ssl_root_email }} --webroot --webroot-path {{ apache_document_root }} -d {{ apache_server_name }} --test-cert {{ subdomains }}
   args:
     creates: "{{ apache_ssl_chain }}"
   when: apache_server_alias is defined
 
 - name: generate certificates
-  command: certbot certonly --agree-tos  --non-interactive -m {{ apache_ssl_root_email }} --webroot --webroot-path {{ apache_document_root }} -d {{ apache_server_name }}
+  command: certbot certonly --agree-tos  --non-interactive -m {{ apache_ssl_root_email }} --webroot --webroot-path {{ apache_document_root }} -d {{ apache_server_name }} --test-cert
   args:
     creates: "{{ apache_ssl_chain }}"
   when: apache_server_alias is not defined
diff --git a/tasks/main.yml b/tasks/main.yml
index f8c1495..689c099 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -41,6 +41,10 @@
   include_tasks: dns.yml
   when: apache_use_dns
 
+- name: create certificate
+  include_tasks: certbot.yml
+  when: apache_use_ssl
+
 - name: vhost config file
   template:
     src: vhost.conf.jj
diff --git a/templates/vhost.conf.jj b/templates/vhost.conf.jj
index f65436b..0ac9cbc 100644
--- a/templates/vhost.conf.jj
+++ b/templates/vhost.conf.jj
@@ -8,7 +8,7 @@
    DocumentRoot {{ apache_document_root }}
    <Directory {{ apache_document_root }}>
       require all granted
-      Options -indexes
+      Options +indexes
    </Directory>
    {%if apache_use_ssl %}
    RewriteEngine on