diff --git a/roles/dovecot/tasks/main.yaml b/roles/dovecot/tasks/main.yaml
index 038e649..e44d1de 100644
--- a/roles/dovecot/tasks/main.yaml
+++ b/roles/dovecot/tasks/main.yaml
@@ -133,27 +133,12 @@
 failed_when: false
 - block:
- - name: get pub key
- slurp:
- src: "/etc/dovecot/private/dovecot.csr"
- register: pub_key
-
- - debug:
- var: pub_key
- verbosity: 2
-
 - name: generate host request
- set_fact:
- ca_request:
- type: 'sign_request'
- request:
- keyType: 'ssl_host'
- hostName: '{{ inventory_hostname }}.lilik.it'
- keyData: "{{ pub_key.content| b64decode}}"
-
- - debug:
- var: authorities_request
- verbosity: 2
+ cert_request:
+ host: "{{ inventory_hostname }}.lilik.it"
+ path: "/etc/dovecot/private/dovecot.csr"
+ proto: "ssl"
+ register: ca_request
 - name: start sign request
 include: ca-dialog.yaml
diff --git a/roles/exim4/tasks/main.yaml b/roles/exim4/tasks/main.yaml
index bd75158..417f91d 100644
--- a/roles/exim4/tasks/main.yaml
+++ b/roles/exim4/tasks/main.yaml
@@ -106,27 +106,12 @@
 failed_when: false
 - block:
- - name: get pub key
- slurp:
- src: "/etc/exim4/exim.csr"
- register: pub_key
-
- - debug:
- var: pub_key
- verbosity: 2
-
 - name: generate host request
- set_fact:
- ca_request:
- type: 'sign_request'
- request:
- keyType: 'ssl_host'
- hostName: '{{ inventory_hostname }}.lilik.it'
- keyData: "{{ pub_key.content| b64decode}}"
-
- - debug:
- var: authorities_request
- verbosity: 2
+ cert_request:
+ proto: 'ssl'
+ host: '{{ inventory_hostname }}.lilik.it'
+ path: "/etc/exim4/exim.csr"
+ register: ca_request
 - name: start sign request
 include: ca-dialog.yaml
diff --git a/roles/ssh_server/tasks/main.yaml b/roles/ssh_server/tasks/main.yaml
index 5a3a41f..eeda9aa 100644
--- a/roles/ssh_server/tasks/main.yaml
+++ b/roles/ssh_server/tasks/main.yaml
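Review bot: In roles/dovecot/tasks/main.yaml, `register: ca_request` now stores a module result where the removed `set_fact` stored the request dict itself, so `ca_request` has a different shape for whatever consumes it. A registered result carries Ansible's own keys such as `changed` and `failed` next to whatever `cert_request` returns. ca-dialog.yaml is not part of this diff, so check that it reads the request field explicitly rather than serialising the whole variable to the CA; the same applies to the exim4 and ssh_server hunks. A comment above the task would document the contract, e.g. `# cert_request returns the sign request that ca-dialog.yaml reads from ca_request`.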
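Review bot: In roles/exim4/tasks/main.yaml (and in the dovecot hunk) the certified name is still built inline as `{{ inventory_hostname }}.lilik.it`, while the ssh_server hunk of the same commit switches to `{{ server_fqdn }}`. That name is the identity the CA is asked to bind to the key, so the TLS and SSH requests for one machine can disagree whenever `server_fqdn` is not `inventory_hostname` plus the domain. Using one source in all three roles, `host: "{{ server_fqdn }}"`, would keep them aligned. The task also orders its keys and quotes its values differently from the otherwise identical dovecot task; matching them makes the two roles easier to compare.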
@@ -23,14 +23,6 @@
 dest: "/etc/ssh/user_ca.pub"
 notify: restart ssh
- #- name: Check if host certificate is valid
- # shell: '[[ $(ssh-keygen -f /etc/ssh/ssh_host_ed25519_key-cert.pub -L |grep "$(ssh-keygen -f /etc/ssh/user_ca.pub -l|cut -d " " -f 2)" -A 3 |grep Valid |cut -d " " -f 13) > $(date +%Y-%m-%dT%H:%M:%S --date "+1 month") ]]'
- # args:
- # executable: /bin/bash
- # register: vm_has_valid_ssh_certificate
- # changed_when: false
- # failed_when: false
-
 - name: Validate SSH host certificate if any
 ssh_cert:
 register: ssh_verification
@@ -41,27 +33,12 @@
 verbosity: 2
 - block:
- - name: Read host public key
- slurp:
- src: "/etc/ssh/ssh_host_ed25519_key.pub"
- register: vm_public_key
-
- - debug:
- var: vm_public_key['content']
- verbosity: 2
-
- - name: generate host request
- set_fact:
- ca_request:
- type: 'sign_request'
- request:
- keyType: 'ssh_host'
- hostName: '{{ ansible_docker_extra_args or inventory_hostname }}.lilik.it'
- keyData: "{{ vm_public_key['content'] | b64decode | replace('\n', '')}}"
-
- - debug:
- var: ca_request | to_json
- verbosity: 2
+ - name: Generate host request
+ host_request:
+ host: "{{ server_fqdn }}"
+ path: "/etc/ssh/ssh_host_ed25519_key.pub"
+ proto: "ssh"
+ register: ca_request
 - name: start sign request
 include: ca-dialog.yaml
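Review bot: In the second ssh_server hunk the task calls `host_request`, where dovecot and exim4 call `cert_request` with the same `host`/`path`/`proto` arguments. Unless both modules exist in the library (not visible in this diff), one of these tasks cannot resolve its module and the role fails. `server_fqdn` is also not defined anywhere in the diff and the old `ansible_docker_extra_args or inventory_hostname` fallback is gone, so a guard before the request, such as `- assert: { that: server_fqdn is defined and server_fqdn | length > 0 }`, would stop an empty or unintended principal from reaching the CA. The removed code stripped newlines from the public key with `replace('\n', '')`; confirm the module does the same to the file it reads.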