diff --git a/defaults/main.yml b/defaults/main.yml
index 180921e91b8a03f204636266a7ba39c7e558417e..a341945ecb4c82d27cb53dbbef2937c58b408716 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,3 +1,4 @@
 default_proxy: ''
 proxy_default_backend: ''
+proxy_certificates: []
 proxy_blacklist_ips: []
diff --git a/tasks/configure.yml b/tasks/configure.yml
index cf93f3be66157b01a10f50eb0a10307b8982e795..dd4d7928baf124d88b226eef0c4a4544998ba944 100644
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -13,7 +13,7 @@
             owner=root
             group=root
             mode=644
-  when: scope == 'all'
+  #when: scope == 'all'
   with_items: '{{ groups.all }}'
   notify: 'Proxy | Restart HAProxy'
 
@@ -23,7 +23,7 @@
             owner=root
             group=root
             mode=644
-  when: scope == 'all'
+  #when: scope == 'all'
   with_items: '{{ groups.all }}'
   notify: 'Proxy | Restart HAProxy'
 
@@ -33,7 +33,7 @@
         group=root
         mode=644
         state=touch
-  when: scope == 'all'
+  #when: scope == 'all'
   with_items: '{{ groups.all }}'
   notify: 'Proxy | Restart HAProxy'
 
@@ -43,7 +43,7 @@
             owner=root
             group=root
             mode=644
-  when: scope == 'all'
+  #when: scope == 'all'
   notify: 'Proxy | Restart HAProxy'
 
 - name: "Proxy | Install update php script"
@@ -74,5 +74,5 @@
             owner=root
             group=root
             mode=644
-  when: scope == 'all'
+  #when: scope == 'all'
   notify: 'Proxy | Restart HAProxy'
diff --git a/templates/blacklist b/templates/blacklist
index ef4547ec71ccb381225c39a021c5efd32e9f7caa..61d63081e819f356dc4286b10c2382b19749cfa3 100644
--- a/templates/blacklist
+++ b/templates/blacklist
@@ -1,3 +1,5 @@
-{% for line in hostvars[item]['proxy_blacklist_ips'] %}
+{% for host in groups['all'] %}
+{% for line in hostvars[host].proxy_blacklist_ips|default([]) %}
 {{line}}
 {% endfor %}
+{% endfor %}
diff --git a/templates/haproxy_cfg b/templates/haproxy_cfg
index 2bad328f85cde37a6d89eb318d4cf92fb5df5e92..5bef2d636455f50f4a0f8dd715d37331e653e79e 100644
--- a/templates/haproxy_cfg
+++ b/templates/haproxy_cfg
@@ -46,55 +46,53 @@ frontend http-in
   acl blockedip src  -i -f /etc/haproxy/blacklist
   http-request deny if blockedip
 {% for host in groups['all'] %}
-{% if hostvars[host]['proxy_redirect'] %}
-{% for redirect in hostvars[host]['proxy_redirect'] %}
+{% for redirect in hostvars[host].proxy_redirect|default([]) %}
   redirect prefix http://{{redirect.to}} if { hdr_dom(host) -i {{redirect.from}} }
 {% endfor %}
-{% endif %}
 {% endfor %}
 {% for host in groups['all'] %}
-{% if hostvars[host]['proxy_domains'] %}
+{% if hostvars[host].proxy_domains is defined %}
   acl domain_in_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.list
   use_backend backend_{{host}} if domain_in_{{host}}
 {% endif %}
-{% if hostvars[host]['proxy_crm_domains'] %}
+{% if hostvars[host].proxy_crm_domains is defined %}
   acl crm_domain_in_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.crm.list
   use_backend backend_{{host}} if crm_domain_in_{{host}}
 {% endif %}
-{% if hostvars[host]['proxy_ssl_domains'] %}
+{% if hostvars[host].proxy_ssl_domains is defined %}
   acl redirect_ssl_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.ssl.list
   use_backend backend_redirect_ssl if redirect_ssl_{{host}}
 {% endif %}
 {% endfor %}
 
+{% for cert in proxy_certificates %}
 frontend https-in
-  bind :443 ssl crt /etc/haproxy/certs/s-verein.de.pem no-sslv3
+  bind :443 ssl crt /etc/haproxy/certs/{{ cert }} no-sslv3
   acl blockedip src  -i -f /etc/haproxy/blacklist
   http-request deny if blockedip
 {% for host in groups['all'] %}
-{% if hostvars[host]['proxy_redirect'] %}
-{% for redirect in hostvars[host]['proxy_redirect'] %}
+{% for redirect in hostvars[host].proxy_redirect|default([]) %}
   redirect prefix https://{{redirect.to}} if { hdr_dom(host) -i {{redirect.from}} }
 {% endfor %}
-{% endif %}
 {% endfor %}
 {% for host in groups['all'] %}
-{% if hostvars[host]['proxy_ssl_domains'] %}
+{% if hostvars[host].proxy_ssl_domains is defined %}
   acl ssl_domain_in_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.ssl.list
   use_backend backend_{{host}} if ssl_domain_in_{{host}}
 {% endif %}
-{% if hostvars[host]['proxy_domains'] %}
+{% if hostvars[host].proxy_domains is defined %}
   acl redirect_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.list
   use_backend backend_redirect if redirect_{{host}}
 {% endif %}
-{% if hostvars[host]['proxy_crm_domains'] %}
+{% if hostvars[host].proxy_crm_domains is defined %}
   acl crm_redirect_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.list
   use_backend backend_redirect if crm_redirect_{{host}}
 {% endif %}
 {% endfor %}
+{% endfor %}
 
 {% for host in groups['all'] %}
-{% if (hostvars[host]['proxy_domains']) or (hostvars[host]['proxy_ssl_domains']) or (hostvars[host]['proxy_crm_domains']) %}
+{% if (hostvars[host].proxy_domains is defined) or (hostvars[host].proxy_ssl_domains is defined) or (hostvars[host].proxy_crm_domains is defined) %}
 backend backend_{{host}}
   server server_{{host}} {{hostvars[host]['ansible_default_ipv4']['address']|default(hostvars[host]['static_ipv4'])}}:80 maxconn 32
 
diff --git a/templates/host_list b/templates/host_list
index 286b086f21f6a29a39b51cc573aab28789b98f8f..56d67eb203e0077ca438b161e44b59f6f12d0252 100644
--- a/templates/host_list
+++ b/templates/host_list
@@ -1,3 +1,3 @@
-{% for domain in hostvars[item]['proxy_domains'] %}
+{% for domain in hostvars[item].proxy_domains|default([]) %}
 {{domain}}
 {% endfor %}
diff --git a/templates/host_ssl_list b/templates/host_ssl_list
index 86e88b55771e2e185aea70a4df780d49e5466cc0..ee5bc3fd89377fc129653553a16f5c56f40db919 100644
--- a/templates/host_ssl_list
+++ b/templates/host_ssl_list
@@ -1,3 +1,3 @@
-{% for domain in hostvars[item]['proxy_ssl_domains'] %}
+{% for domain in hostvars[item].proxy_ssl_domains|default([]) %}
 {{domain}}
 {% endfor %}