diff --git a/tasks/main.yml b/tasks/main.yml
index 0f0cf618cea0cf6233f09a3e58db1054d355aa37..59f9dcbcaa43dd03f5946179372f27ce968fa07b 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -29,7 +29,8 @@
     import_tasks: 'buildcerts.yml'
 
   tags: 'Certs'
-  when: 'proxy_active and "letsencrypt" not in excluded_roles'
+  when: 'proxy_active is defined and proxy_active and "letsencrypt" not in excluded_roles'
 
 - import_tasks: 'proxypool.yml'
+  when: 'proxy_active is defined and "letsencrypt" not in excluded_roles'
   tags: 'Certs'
diff --git a/tasks/proxypool.yml b/tasks/proxypool.yml
index 387e4c1fd73e423bf8b4eb081e163e362a509272..0ba49fb2c5f7e3d0c63f0dcbe04cd938ff07557d 100644
--- a/tasks/proxypool.yml
+++ b/tasks/proxypool.yml
@@ -8,17 +8,17 @@
       path: '/etc/letsencrypt'
       owner: '{{ ansible_env.SUDO_USER }}'
       recurse: yes
-    when: 'proxy_active is defined and proxy_active and "letsencrypt" not in excluded_roles'
+    when: proxy_active
 
   - name: "Pull Certs from active Proxy"
     import_tasks: 'pullcerts.yml'
-    when: 'proxy_active is defined and not proxy_active and "letsencrypt" not in excluded_roles'
+    when: not proxy_active
 
   - name: "Set directory permissions to root"
     file:
       path: '/etc/letsencrypt'
       owner: 'root'
       recurse: yes
-    when: 'proxy_active is defined and proxy_active and "letsencrypt" not in excluded_roles'
+    when: proxy_active
 
   tags: 'Certs'