diff --git a/tasks/main_certs.yml b/tasks/main_certs.yml
index 92e72ed..cfd43c8 100644
--- a/tasks/main_certs.yml
+++ b/tasks/main_certs.yml
@@ -56,6 +56,10 @@
   loop: "{{ _cert_slurp.results }}"
   loop_control:
     loop_var: install
+    label:
+      path: "{{ install.item.dest | dirname }}"
+      state: directory
+      mode: '0755'
 
 - name: Install Server certificates to targets
   copy:
@@ -67,7 +71,11 @@
   loop: "{{ _cert_slurp.results }}"
   loop_control:
     loop_var: install
-  no_log: true
+    label:
+      dest: "{{ install.item.dest }}"
+      owner: "{{ install.item.owner | default(omit) }}"
+      group: "{{ install.item.group | default('omit') }}"
+      mode: "{{ install.item.mode | default('0644') }}"
   ignore_errors: "{{ ansible_check_mode }}"
   notify:
     - cert installed
diff --git a/tasks/standalone/install_ca.yml b/tasks/standalone/install_ca.yml
index 37e81f9..9e4146f 100644
--- a/tasks/standalone/install_ca.yml
+++ b/tasks/standalone/install_ca.yml
@@ -28,6 +28,9 @@
     dest: "{{ pki_trust_store_location[ansible_facts['pkg_mgr']] }}/{{ item.item.filename | default(item.item.name ~ '.crt') }}"
   register: ca_copy
   loop: "{{ _ca_slurp.results | default([]) }}"
+  loop_control:
+    label:
+      dest: "{{ pki_trust_store_location[ansible_facts['pkg_mgr']] }}/{{ item.item.filename | default(item.item.name ~ '.crt') }}"
   when: item.skipped is not defined
   ignore_errors: "{{ ansible_check_mode }}"