diff --git a/roles/maria/tasks/_create_backup.yml b/roles/maria/tasks/_create_backup.yml
index d3f46d0..e8de826 100644
--- a/roles/maria/tasks/_create_backup.yml
+++ b/roles/maria/tasks/_create_backup.yml
@@ -18,6 +18,26 @@
       user={{ mysql_root_username }}
       password={{ mysql_root_password }}
 
+- name: "Block: gpg stuff"
+  block:
+    - name: Create temp dir
+      ansible.builtin.tempfile:
+        state: directory
+        suffix: gitcheckout
+        path: /tmp
+      register: tempdir
+
+    - name: "Checkout repo for gpg communication-keys"
+      ansible.builtin.git:
+        repo: 'https://{{ gituser | default("gitea-admin") | urlencode }}:{{ gitea_admin_password | urlencode }}@{{ stage }}-gitea-01.smardigo.digital/gitea-admin/communication-keys.git'
+        dest: '{{ tempdir.path }}'
+        version: master
+
+# there is no ansible gpg module already in place
+# linting violation needs to be whitelisted
+    - name: "Importing stage specific automation gpg-key" # noqa command-instead-of-shell
+      shell: 'gpg --import {{ tempdir.path }}/smardigo_automation_{{ stage }}.gpg.pub'
+
 # there is no ansible module already in place for (mariabackup|gpg)
 # so using shell module
 - name: "Creating mariabackup ... + doing async check if successful or not"
diff --git a/roles/maria/tasks/_create_database.yml b/roles/maria/tasks/_create_database.yml
index d66971f..c787f5a 100644
--- a/roles/maria/tasks/_create_database.yml
+++ b/roles/maria/tasks/_create_database.yml
@@ -13,8 +13,6 @@
 - name: Ensure MySQL users are present.
   community.mysql.mysql_user:
     name: "{{ item.name }}"
-    tls_requires:
-      SSL:
     password: "{{ item.password }}"
     priv: "{{ item.priv | default('*.*:USAGE') }}"
     state: "{{ item.state | default('present') }}"
diff --git a/roles/maria/tasks/main.yml b/roles/maria/tasks/main.yml
index 8fa3950..42cb3f2 100644
--- a/roles/maria/tasks/main.yml
+++ b/roles/maria/tasks/main.yml
@@ -99,8 +99,6 @@
 - name: Ensure MySQL users are present.
   community.mysql.mysql_user:
     name: "{{ item.name }}"
-    tls_requires:
-      SSL:
     password: "{{ item.password }}"
     priv: "{{ item.priv | default('*.*:USAGE') }}"
     state: "{{ item.state | default('present') }}"
@@ -166,23 +164,3 @@
     name: dummytestdb
     state: import
     target: /tmp/testdb.sql
-
-- name: "Block: gpg stuff"
-  block:
-    - name: Create temp dir
-      ansible.builtin.tempfile:
-        state: directory
-        suffix: gitcheckout
-        path: /tmp
-      register: tempdir
-
-    - name: "Checkout repo for gpg communication-keys"
-      ansible.builtin.git:
-        repo: 'https://{{ gituser | default("gitea-admin") | urlencode }}:{{ gitea_admin_password | urlencode }}@{{ stage }}-gitea-01.smardigo.digital/gitea-admin/communication-keys.git'
-        dest: '{{ tempdir.path }}'
-        version: master
-
-# there is no ansible gpg module already in place
-# linting violation needs to be whitelisted
-    - name: "Importing stage specific automation gpg-key" # noqa command-instead-of-shell
-      shell: 'gpg --import {{ tempdir.path }}/smardigo_automation_{{ stage }}.gpg.pub'