diff --git a/roles/ipaclient/tasks/install.yml b/roles/ipaclient/tasks/install.yml
index 8c1286cb41404626a90061fbd5a09828554cac5d..fa33f89a6c0b4c1d109664ac1c34702ee2d6ef93 100644
--- a/roles/ipaclient/tasks/install.yml
+++ b/roles/ipaclient/tasks/install.yml
@@ -217,7 +217,7 @@
             and ipaadmin_keytab is undefined
             and ipaclient_keytab is undefined
 
-  - name: Install - Purge {{ result_ipaclient_test.realm }} from host keytab
+  - name: "Install - From host keytab, purge {{ result_ipaclient_test.realm }}"
     ansible.builtin.command: >
       /usr/sbin/ipa-rmkeytab
       -k /etc/krb5.keytab
diff --git a/roles/ipaserver/tasks/copy_external_cert.yml b/roles/ipaserver/tasks/copy_external_cert.yml
index 85ba3182388550cce1e19913a3656d292c9287fc..6adcaa085fbe602ec82145e2472e72e33c663ad5 100644
--- a/roles/ipaserver/tasks/copy_external_cert.yml
+++ b/roles/ipaserver/tasks/copy_external_cert.yml
@@ -1,14 +1,18 @@
 ---
-- name: Install - Initialize ipaserver_external_cert_files
-  ansible.builtin.set_fact:
-     ipaserver_external_cert_files: []
-  when: ipaserver_external_cert_files is undefined
-- name: Install - Copy "{{ item }}" "{{ inventory_hostname }}':/root/'{{ item | basename }}"
-  ansible.builtin.copy:
-    src: "{{ item }}"
-    dest: "/root/{{ item | basename }}"
-    mode: preserve
-    force: yes
-- name: Install - Extend ipaserver_external_cert_files with "/root/{{ item | basename }}"
-  ansible.builtin.set_fact:
-    ipaserver_external_cert_files: "{{ ipaserver_external_cert_files + ['/root/' + (item | basename)] }}"
+- name: Copy external certificates
+  vars:
+    __item_basename: "{{ item | basename }}"
+  block:
+  - name: Install - Initialize ipaserver_external_cert_files
+    ansible.builtin.set_fact:
+      ipaserver_external_cert_files: []
+    when: ipaserver_external_cert_files is undefined
+  - name: Install - Copy "{{ item + " " + inventory_hostname + ':/root/' + __item_basename }}"
+    ansible.builtin.copy:
+      src: "{{ item }}"
+      dest: "/root/{{ __item_basename }}"
+      mode: preserve
+      force: yes
+  - name: Install - Extend ipaserver_external_cert_files with "/root/{{ __item_basename }}"
+    ansible.builtin.set_fact:
+      ipaserver_external_cert_files: "{{ ipaserver_external_cert_files + ['/root/' + (__item_basename)] }}"
diff --git a/roles/ipaserver/tasks/install.yml b/roles/ipaserver/tasks/install.yml
index 34a6faa989dd524b213b69d2a0382b5bb6a601ec..f4906dc9d67b74380d0674c618051e3f1e6b730e 100644
--- a/roles/ipaserver/tasks/install.yml
+++ b/roles/ipaserver/tasks/install.yml
@@ -52,7 +52,7 @@
       >/dev/null
     when: ipaserver_firewalld_zone is defined
 
-- name: Copy external cert
+- name: Copy external certs
   ansible.builtin.include_tasks: "{{ role_path }}/tasks/copy_external_cert.yml"
   with_items: "{{ ipaserver_external_cert_files_from_controller }}"
   when: ipaserver_external_cert_files_from_controller is defined and
@@ -314,7 +314,7 @@
       _http_ca_cert: "{{ result_ipaserver_test._http_ca_cert }}"
     register: result_ipaserver_setup_ca
 
-  - name: Copy /root/ipa.csr to "{{ inventory_hostname }}-ipa.csr"
+  - name: Copy /root/ipa.csr to "{{ inventory_hostname + '-ipa.csr' }}"
     ansible.builtin.fetch:
       src: /root/ipa.csr
       dest: "{{ inventory_hostname }}-ipa.csr"
diff --git a/roles/ipasmartcard_client/tasks/main.yml b/roles/ipasmartcard_client/tasks/main.yml
index 94d1e9c3ceb4ddffdf61c636dc5fe0c7808e9e12..8c87a80fec1ed3c98e7f61d97472f72947f68313 100644
--- a/roles/ipasmartcard_client/tasks/main.yml
+++ b/roles/ipasmartcard_client/tasks/main.yml
@@ -70,13 +70,13 @@
       ipaadmin_principal: admin
     when: ipaadmin_principal is undefined
 
-  - name: Authenticate using kinit and "{{ ipaadmin_principal }}" password
+  - name: Authenticate using kinit with password for "{{ ipaadmin_principal }}"
     ansible.builtin.command: kinit "{{ ipaadmin_principal }}"
     args:
       stdin: "{{ ipaadmin_password }}"
     when: ipaadmin_password is defined
 
-  - name: Authenticate using kinit and "{{ ipaadmin_principal }}" keytab
+  - name: Authenticate using kinit with keytab for "{{ ipaadmin_principal }}"
     ansible.builtin.command: kinit -kt "{{ ipaadmin_keytab }}" "{{ ipaadmin_principal }}"
     when: ipaadmin_keytab is defined
 
diff --git a/roles/ipasmartcard_server/tasks/main.yml b/roles/ipasmartcard_server/tasks/main.yml
index a05451a8c2cd5236a98dc6b3bf1191afb8f521e6..c650511eb8083d7012116fee7cdb02146e708d3d 100644
--- a/roles/ipasmartcard_server/tasks/main.yml
+++ b/roles/ipasmartcard_server/tasks/main.yml
@@ -42,7 +42,7 @@
 
   # INSTALL bind-utils
 
-  - name: Ensure {{ ipasmartcard_server_bindutils_packages }} are installed
+  - name: Ensure bind utilities packages are installed
     ansible.builtin.package:
       name: "{{ ipasmartcard_server_bindutils_packages }}"
       state: present
@@ -55,13 +55,13 @@
       ipaadmin_principal: admin
     when: ipaadmin_principal is undefined
 
-  - name: Athenticate with kinit and "{{ ipaadmin_principal }}" password
+  - name: Athenticate with kinit and password for "{{ ipaadmin_principal }}"
     ansible.builtin.command: kinit "{{ ipaadmin_principal }}"
     args:
       stdin: "{{ ipaadmin_password }}"
     when: ipaadmin_password is defined
 
-  - name: Authenticate with kinit and "{{ ipaadmin_principal }}" keytab
+  - name: Authenticate with kinit and keytab for "{{ ipaadmin_principal }}"
     ansible.builtin.command: kinit -kt "{{ ipaadmin_keytab }}" "{{ ipaadmin_principal }}"
     when: ipaadmin_keytab is defined