diff --git a/library/roles/freeradius/tasks/main.yml b/library/roles/freeradius/tasks/main.yml
index 69acb31..14c135e 100644
--- a/library/roles/freeradius/tasks/main.yml
+++ b/library/roles/freeradius/tasks/main.yml
@@ -36,14 +36,17 @@
   - name: Create the freeradius pki directory if it does not yet exist
     file: dest={{ freeradius_pki_directory }} state=directory owner=root group=freerad mode=0550
 
-  - name: Setup the freeradius private key if it is not in place already
-    copy: remote_src=yes src={{ letsencrypt_acme_certs_dir }}/privkey dest={{ freeradius_pki_directory }} owner=root group=freerad mode=0440
-
   - name: Create the DH file
     command: openssl dhparam -out {{ freeradius_pki_directory }}/dh 2048
     args:
       creates: '{{ freeradius_pki_directory }}/dh'
 
+  tags: [ 'freeradius', 'freeradius_cert' ]
+
+- block:
+  - name: Setup the freeradius private key if it is not in place already
+    copy: remote_src=yes src={{ letsencrypt_acme_certs_dir }}/privkey dest={{ freeradius_pki_directory }} owner=root group=freerad mode=0440
+
   - name: Create the acme hooks directory if it does not yet exist
     file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root