diff --git a/mariadb.yml b/mariadb.yml
index 8c68ec6..98270b0 100644
--- a/mariadb.yml
+++ b/mariadb.yml
@@ -94,18 +94,12 @@
         backup: yes
         validate: /bin/bash -n %s
 
-    - name: /home/docker/mariadb.{{inventory_hostname}}/genssl.sh shebang
+    - name: /usr/local/sbin/autoupdate.d/mariadb-ssl.update shebang
       lineinfile:
-        path: /home/docker/mariadb.{{inventory_hostname}}/genssl.sh
+        path: /usr/local/sbin/autoupdate.d/mariadb-ssl.update
         insertbefore: BOF
         line: "#!/bin/bash -e"
 
-    - name: Gen initial SSL if not exists
-      ansible.builtin.shell: ./genssl.sh
-      args:
-        chdir: /home/docker/mariadb.{{inventory_hostname}}
-        creates: /home/docker/mariadb.{{inventory_hostname}}/ssl/certificate.pem
-
     - name: /home/docker/mariadb.{{inventory_hostname}}/ssl.cnf (use ssl in mariadb)
       blockinfile:
         path: /home/docker/mariadb.{{inventory_hostname}}/ssl.cnf
@@ -210,6 +204,11 @@
         backup: yes        
       notify: Restart mariadb
 
+    - name: Get letsencrypt cert from traefik
+      ansible.builtin.shell: /usr/local/sbin/autoupdate.d/mariadb-ssl.update
+      args:
+        chdir: /home/docker/mariadb.{{inventory_hostname}}
+        creates: /home/docker/mariadb.{{inventory_hostname}}/ssl/certificate.pem
 
   handlers: