diff --git a/tasks/trusted_ca.yml b/tasks/trusted_ca.yml
index 651dfbc..3697b4c 100644
--- a/tasks/trusted_ca.yml
+++ b/tasks/trusted_ca.yml
@@ -67,7 +67,7 @@
   - name: Download the letsencrypt CA files on deb
     get_url:
       url: '{{ trusted_ca_letsencrypt_ca_certificates_url }}/{{ item.ca }}'
-      dest: '{{ trusted_ca_deb_path }}/{{ item.ca }}'
+      dest: '{{ trusted_ca_deb_path }}/{{ item.ca }}.crt'
       owner: root
       group: root
       mode: 0444
@@ -85,6 +85,13 @@
     loop: '{{ expired_ca_letsencrypt_ca_files }}'
     register: letsencrypt_ca_files_removal
 
+  - name: Ensure that the expired CA files are not present
+    file:
+      dest: '{{ trusted_ca_deb_path }}/{{ item }}.crt'
+      state: absent
+    loop: '{{ expired_ca_letsencrypt_ca_files }}'
+    register: letsencrypt_ca_files_removal
+
   - name: Ensure that the expired CA files are not present
     file:
       dest: '{{ trusted_ca_deb_path }}/{{ item }}'