diff --git a/mariadb.yml b/mariadb.yml
index 04c4f59..a3c0aad 100644
--- a/mariadb.yml
+++ b/mariadb.yml
@@ -95,11 +95,11 @@
 chdir: /home/docker/mariadb.{{inventory_hostname}}
 creates: /home/docker/mariadb.{{inventory_hostname}}/ssl/client-cert.pem
- - name: /home/docker/mariadb.{{inventory_hostname}}/ssl.cnf (generate SSL-Certificate)
+ - name: /home/docker/mariadb.{{inventory_hostname}}/ssl.cnf (use ssl in mariadb)
 blockinfile:
 path: /home/docker/mariadb.{{inventory_hostname}}/ssl.cnf
 create: yes
- mode: 0550
+ mode: 0444
 owner: root
 group: docker
 marker: "# {mark} ANSIBLE MANAGED BLOCK"
@@ -111,6 +111,29 @@
 ssl-key=/etc/mysql/server-key.pem
 backup: yes
+ - name: /home/docker/mariadb.{{inventory_hostname}}/config.user.inc.php (use ssl in phpmyadmin)
+ blockinfile:
+ path: /home/docker/mariadb.{{inventory_hostname}}/phpmyadmin-config.user.inc.php
+ create: yes
+ mode: 0444
+ owner: root
+ group: docker
+ marker: "# {mark} ANSIBLE MANAGED BLOCK"
+ block: |
+ // IP address / host of your instance
+ $cfg['Servers'][$i]['host'] = 'mariadb.{{inventory_hostname}}';
+ // Use SSL for connection
+ $cfg['Servers'][$i]['ssl'] = true;
+ // Client secret key
+ $cfg['Servers'][$i]['ssl_key'] = '/etc/phpmyadmin/client-key.pem';
+ // Client certificate
+ $cfg['Servers'][$i]['ssl_cert'] = '/etc/phpmyadmin/client-cert.pem';
+ // Server certification authority
+ $cfg['Servers'][$i]['ssl_ca'] = '/etc/phpmyadmin/ca-cert.pem';
+ // Disable SSL verification
+ //$cfg['Servers'][$i]['ssl_verify'] = false;
+ backup: yes
+
 - name: /home/docker/mariadb.{{inventory_hostname}}/docker-compose.yml Container Configuration
 blockinfile:
 path: /home/docker/mariadb.{{inventory_hostname}}/docker-compose.yml
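Review bot: The new `mode: 0444` is an unquoted octal literal, which only gives the intended permissions because the YAML 1.1 loader reads a leading zero as octal; writing it as `mode: "0444"` removes that dependency on the parser. The same applies to `mode: 0444` in the phpMyAdmin task added in the next hunk. The blockinfile task continues past the end of this hunk, so the block content it writes is not visible here.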
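Review bot: The block written to `phpmyadmin-config.user.inc.php` has no opening `<?php` tag, and with `create: yes` a freshly created file will hold only the two `#` marker lines and the block. PHP emits anything outside `<?php` tags as plain output instead of executing it, so unless the file already exists with an opening tag, the `ssl`, `ssl_key`, `ssl_cert` and `ssl_ca` settings would presumably never be applied and the file's text could be echoed into responses. One way to keep blockinfile is `marker: "{mark}"` with `marker_begin: "<?php // BEGIN ANSIBLE MANAGED BLOCK"` and `marker_end: "// END ANSIBLE MANAGED BLOCK"`; writing the whole file with `copy` or `template` is the simpler alternative. The task name also says `config.user.inc.php` while `path` is `phpmyadmin-config.user.inc.php`.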
@@ -133,11 +156,11 @@
 volumes:
 - ./db-data:/var/lib/mysql
 - /etc/localtime:/etc/localtime:ro
- - /home/docker/_defaults/mariadb/99-server.cnf:/etc/mysql/mariadb.conf.d/99-server.cnf
- - ./ssl.cnf:/etc/mysql/mariadb.conf.d/99-ssl.cnf
- - ./ssl/ca-cert.pem:/etc/mysql/ca-cert.pem
- - ./ssl/server-cert.pem:/etc/mysql/server-cert.pem
- - ./ssl/server-key.pem:/etc/mysql/server-key.pem
+ - /home/docker/_defaults/mariadb/99-server.cnf:/etc/mysql/mariadb.conf.d/99-server.cnf:ro
+ - ./ssl.cnf:/etc/mysql/mariadb.conf.d/99-ssl.cnf:ro
+ - ./ssl/ca-cert.pem:/etc/mysql/ca-cert.pem:ro
+ - ./ssl/server-cert.pem:/etc/mysql/server-cert.pem:ro
+ - ./ssl/server-key.pem:/etc/mysql/server-key.pem:ro
 env_file:
 - env.db
 - /home/docker/_defaults/mariadb/mariadb.env
@@ -153,6 +176,10 @@
 - PMA_HOST=mariadb.{{inventory_hostname}}
 volumes:
 - /etc/localtime:/etc/localtime:ro
+ - ./phpmyadmin-config.user.inc.php:/etc/phpmyadmin/config.user.inc.php:ro
+ - ./ssl/ca-cert.pem:/etc/phpmyadmin/ca-cert.pem:ro
+ - ./ssl/client-cert.pem:/etc/phpmyadmin/client-cert.pem:ro
+ - ./ssl/client-key.pem:/etc/phpmyadmin/client-key.pem:ro
 networks:
 - mariadb.{{inventory_hostname}}--network
 - traefik
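Review bot: Nothing visible in this change sets the ownership or mode of `./ssl/client-key.pem`, which the last hunk now bind-mounts into the phpMyAdmin container that is also attached to the `traefik` network. The `:ro` flag only blocks writes from inside the container; read access still follows the host file's permission bits, so the key has to be readable by the user the web server runs as without being world-readable on the host. The certificate-generating task lies outside this diff, so this may already be handled there. If it is not, a `file` task on `ssl/client-key.pem` with an explicit owner and `mode: "0440"`, matched to the container's uid/gid, would close the gap.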