diff --git a/roles/rke2/tasks/privkey.yml b/roles/rke2/tasks/privkey.yml
deleted file mode 100644
index a7ea03b3db9a493d2fba0debc863daa8e2721d4b..0000000000000000000000000000000000000000
--- a/roles/rke2/tasks/privkey.yml
+++ /dev/null
@@ -1,17 +0,0 @@
-
-- name: wait for private key to exist
-  wait_for:
-    path: /var/lib/rancher/rke2/server/tls/service.key
-
-- name: generate public key from private key for jwks 
-  shell: |
-    openssl rsa -in /var/lib/rancher/rke2/server/tls/service.key -pubout -out /var/lib/rancher/rke2/server/tls/service.pub
-  
-
-- name: fetch public key from master
-  ansible.builtin.fetch:
-    src: /var/lib/rancher/rke2/server/tls/service.pub
-    dest: service.pub
-    flat: yes
-
-
diff --git a/roles/rke2/tasks/setup_host.yml b/roles/rke2/tasks/setup_host.yml
index 307c2b32243823e58c392074aac081d7c62d423e..b8d3d360e29a15373318bf75d3558307e1ff1872 100644
--- a/roles/rke2/tasks/setup_host.yml
+++ b/roles/rke2/tasks/setup_host.yml
@@ -65,14 +65,6 @@
     group: etcd
 
 
-#Let openstack cloud controller access the /etc/ssl/certs directory (SELinux)
-
-# - name: Disable SELinux
-#   selinux:
-#     policy: targeted
-#     state: permissive
-#   when: ( 'control-plane' in group_names )
-#Download the mozilla root CA into the right directory, and update the trust chain
 - name: Download root CA
   get_url:
     url: https://curl.se/ca/cacert.pem