diff --git a/playbooks/group_vars/db.yml b/playbooks/group_vars/db.yml
index f465adb..8fa48d6 100644
--- a/playbooks/group_vars/db.yml
+++ b/playbooks/group_vars/db.yml
@@ -37,7 +37,7 @@ postgresql_ssl_certificate:
 csr_common_name: "{{ db_server.host }}"
 certificate_filename: "{{ postgresql.base_directory }}/certs/server.crt"
 provider: selfsigned
- selfsigned_not_after: "+3650d"
+ selfsigned_not_after: +3650d
 cache_filename: "{{ database_server_certificate_cache_filename }}" # where to store the server certificate in cache
 firewalld_rich_rules:
diff --git a/playbooks/group_vars/omero.yml b/playbooks/group_vars/omero.yml
index d676bfd..6b533d2 100644
--- a/playbooks/group_vars/omero.yml
+++ b/playbooks/group_vars/omero.yml
@@ -14,7 +14,7 @@ postgresql_client_ssl_certificate:
 csr_common_name: "{{ web_server.host }}"
 certificate_filename: /opt/omero/server/.postgresql/postgresql.crt
 provider: selfsigned
- selfsigned_not_after: "+3650d"
+ selfsigned_not_after: +3650d
 cache_filename: "{{ database_client_certificate_cache_filename }}" # where to store the client certificate in cache
 # firewalld
diff --git a/playbooks/group_vars/xnat.yml b/playbooks/group_vars/xnat.yml
index 555d6ee..8ecca5b 100644
--- a/playbooks/group_vars/xnat.yml
+++ b/playbooks/group_vars/xnat.yml
@@ -60,7 +60,7 @@ postgresql_client_ssl_certificate:
 csr_common_name: "{{ web_server.host }}"
 certificate_filename: /usr/share/tomcat/.postgresql/postgresql.crt
 provider: selfsigned
- selfsigned_not_after: "+3650d"
+ selfsigned_not_after: +3650d
 cache_filename: "{{ database_client_certificate_cache_filename }}" # where to store the client certificate in cache
 java:
diff --git a/playbooks/molecule/resources/monitoring/inventory/host_vars/mserv.yml b/playbooks/molecule/resources/monitoring/inventory/host_vars/mserv.yml
index e6d7d46..986a87f 100644
--- a/playbooks/molecule/resources/monitoring/inventory/host_vars/mserv.yml
+++ b/playbooks/molecule/resources/monitoring/inventory/host_vars/mserv.yml
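Review bot: The new `selfsigned_not_after: +3650d` line in playbooks/group_vars/db.yml (and the identical lines in omero.yml and xnat.yml) gives the PostgreSQL server and client certificates a ten-year lifetime, and nothing next to it records why. These are self-signed certificates, so there is presumably no issuing CA that could revoke one, which leaves the validity period as the only bound on how long a leaked key stays usable. I would add a comment above each of these lines, for example `# ten-year validity: self-signed, no revocation path; reissue the certificate if the key is exposed`, or shorten the period if these group_vars are applied to production hosts. Separately, the now-unquoted value remains a YAML string only because of the trailing `d`, which is worth remembering if the value is ever edited into something that parses as a number.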
@@ -9,4 +9,4 @@ monitoring_server_ssl_certificate:
 csr_common_name: "{{ hostvars['mserv']['hostname'] }}"
 certificate_filename: /etc/ssl/certs/{{ hostvars['mserv']['hostname'] }}.cert
 provider: selfsigned
- selfsigned_not_after: "+3650d"
+ selfsigned_not_after: +3650d
diff --git a/roles/nginx/README.md b/roles/nginx/README.md
index 5d2b9d9..0f88161 100644
--- a/roles/nginx/README.md
+++ b/roles/nginx/README.md
@@ -32,8 +32,8 @@ variables:
 | ------------------------------- | ----------------------------------------------------------------------------------------- |
 | `nginx_use_ssl` | Whether to use SSL. Defaults to `true` |
 | `nginx_certs_dir` | Where to store the certificates. Defaults to `/etc/nginx/ssl` |
-| `nginx_server_cert_cache` | Path to SSL certificates on the Ansible host. Required if using SSL; no default |
-| `nginx_server_key_cache` | Path to SSL certificate on the Ansible host. Required if using SSL; no default |
+| `nginx_server_cert_cache` | Path to SSL certificates on the Ansible host. Required if using SSL; no default |
+| `nginx_server_key_cache` | Path to SSL certificate on the Ansible host. Required if using SSL; no default |
 | `nginx_ssl_cert_file` | Path to copy the SSL certificate to. Defaults to `/etc/nginx/ssl/server.cert` |
 | `nginx_ssl_key_file` | Path to copy the SSL key to. Defaults to `/etc/nginx/ssl/server.key` |
 | `nginx_diffie_helman_size_bits` | Bit size for OpenSSL Diffie-Hellman Parameters. Defaults to `4096` |
diff --git a/roles/nginx/molecule/resources/inventory/group_vars/all.yml b/roles/nginx/molecule/resources/inventory/group_vars/all.yml
index 585a1fa..a2343cf 100644
--- a/roles/nginx/molecule/resources/inventory/group_vars/all.yml
+++ b/roles/nginx/molecule/resources/inventory/group_vars/all.yml
@@ -24,7 +24,7 @@ nginx_old_ssl_certificate:
 csr_common_name: "{{ nginx_server_name }}"
 certificate_filename: "{{ nginx_server_cert_cache }}"
 provider: selfsigned
- selfsigned_not_after: "+365d"
+ selfsigned_not_after: +365d
 nginx_new_ssl_certificate:
 owner: "{{ nginx_owner }}"
@@ -36,4 +36,4 @@ nginx_new_ssl_certificate:
 csr_common_name: "{{ nginx_server_name }}"
 certificate_filename: "{{ nginx_ssl_cert_file }}"
 provider: selfsigned
- selfsigned_not_after: "+3650d"
+ selfsigned_not_after: +3650d
diff --git a/roles/nginx/molecule/resources/prepare.yml b/roles/nginx/molecule/resources/prepare.yml
index 279191e..b0542b2 100644
--- a/roles/nginx/molecule/resources/prepare.yml
+++ b/roles/nginx/molecule/resources/prepare.yml
@@ -49,12 +49,15 @@
 hosts: all
 gather_facts: true
 tasks:
- - name: Create SSL certificate that expires in 1 year and store in server cache
+ - name:
+ Create SSL certificate that expires in 1 year and store in server cache
 ansible.builtin.include_role:
 name: mirsg.infrastructure.ssl_certificates
 vars:
 ssl_certificate: "{{ nginx_old_ssl_certificate }}" # noqa: var-naming[no-role-prefix]
- - name: Create SSL certificate that expires in 10 years and store in nginx certificate directory
+ - name:
+ Create SSL certificate that expires in 10 years and store in nginx
+ certificate directory
 ansible.builtin.include_role:
 name: mirsg.infrastructure.ssl_certificates
 vars: