diff --git a/roles/bootstrap/tasks/configure_ssl@linux.yml b/roles/bootstrap/tasks/configure_ssl@linux.yml
new file mode 100644
index 0000000..760dd43
--- /dev/null
+++ b/roles/bootstrap/tasks/configure_ssl@linux.yml
@@ -0,0 +1,39 @@
+#SPDX-License-Identifier: MIT-0
+---
+# tasks file for bootstrap
+- name: Provide requisite SSL signed certificate for FQDN
+ ansible.builtin.copy:
+ backup: true
+ checksum: string
+ dest: "/usr/local/share/ca-certificates/{{ hostvars[inventory_hostname].fqdn }}.crt"
+ force: true
+ group: root
+ owner: root
+ src: "ca-certificates/{{ hostvars[inventory_hostname].fqdn }}.crt"
+ # validate: string
+- name: Provide requisite SSL private key for FQDN
+ ansible.builtin.copy:
+ backup: true
+ dest: "/usr/local/share/ca-certificates/{{ hostvars[inventory_hostname].fqdn }}.key"
+ force: true
+ group: root
+ mode: "0600"
+ owner: root
+ src: "ca-certificates/{{ hostvars[inventory_hostname].fqdn }}.key"
+ # validate: string
+- name: Provide requisite SSL public key for FQDN
+ ansible.builtin.copy:
+ backup: true
+ checksum: string
+ dest: "/usr/local/share/ca-certificates/{{ hostvars[inventory_hostname].fqdn }}.pem"
+ force: true
+ group: root
+ owner: root
+ src: "ca-certificates/{{ hostvars[inventory_hostname].fqdn }}.pem"
+ # validate: string
+- name: Update system registration of SSL certificates
+ ansible.builtin.command:
+ cmd: update-ca-certificates
+ creates: "/etc/ssl/certs/{{ hostvars[inventory_hostname].fqdn }}.pem"
+
+
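Review bot: The private-key task writes the host's `.key` file into `/usr/local/share/ca-certificates/`, which is the input directory for the system trust store rather than a place for key material. The mode is already `"0600"`, but the key belongs in a dedicated key directory, e.g. `dest: "/etc/ssl/private/{{ hostvars[inventory_hostname].fqdn }}.key"`, and `no_log: true` on that task would keep a `--diff` run from printing it. The two `checksum: string` lines (certificate and public-key tasks) look like the module documentation's placeholder left in place; `ansible.builtin.copy` checks that value against the file's SHA-1 digest, so those tasks will presumably fail until the line is dropped or given the real digest, and both also lack an explicit `mode: "0644"`. The `creates:` guard on `update-ca-certificates` means a renewed certificate never re-runs the command once the `.pem` link exists, so a handler notified by the certificate copy would be more reliable.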