diff --git a/roles/x509/tasks/main.yml b/roles/x509/tasks/main.yml
index b58e9e8..d9742b3 100644
--- a/roles/x509/tasks/main.yml
+++ b/roles/x509/tasks/main.yml
@@ -7,3 +7,8 @@
       curl https://get.acme.sh | INSTALLONLINE=1 LE_WORKING_DIR=/etc/x509 sh  # noqa: command-instead-of-module
     executable: /bin/bash
     creates: /etc/x509
+
+- name: Set default CA
+  ansible.builtin.command: /etc/x509/acme.sh --set-default-ca  --server  letsencrypt
+  register: acme_output
+  changed_when: acme_output.rc != 0