diff --git a/roles/kubernetes-apps/ansible/defaults/main.yml b/roles/kubernetes-apps/ansible/defaults/main.yml
index b8f9cc206c66be6e3df4594e2bdda1d5464466b5..5951086e9507e486b5e80bcf19f29ed16b0635be 100644
--- a/roles/kubernetes-apps/ansible/defaults/main.yml
+++ b/roles/kubernetes-apps/ansible/defaults/main.yml
@@ -54,6 +54,12 @@ dashboard_memory_requests: 64M
 # SSL
 etcd_cert_dir: "/etc/ssl/etcd/ssl"
 canal_cert_dir: "/etc/canal/certs"
+# Set dashboard_use_custom_certs to true if overriding dashboard_certs_secret_name with a secret that
+# contains dashboard_tls_key_file and dashboard_tls_cert_file instead of using the initContainer provisioned certs
+dashboard_use_custom_certs: false
+dashboard_certs_secret_name: kubernetes-dashboard-certs
+dashboard_tls_key_file: dashboard.key
+dashboard_tls_cert_file: dashboard.crt
 
 rbac_resources:
   - sa
diff --git a/roles/kubernetes-apps/ansible/tasks/dashboard.yml b/roles/kubernetes-apps/ansible/tasks/dashboard.yml
index 530796c213e9b994c3d12190c0ac53627740d6cf..84816127e0a03a32a026bdd8c510eb28d312c7b5 100644
--- a/roles/kubernetes-apps/ansible/tasks/dashboard.yml
+++ b/roles/kubernetes-apps/ansible/tasks/dashboard.yml
@@ -5,7 +5,8 @@
     kubectl: "{{bin_dir}}/kubectl"
     resource: "{{ item }}"
     state: absent
-  with_items: ['ClusterRoleBinding']
+  with_items:
+    - 'ClusterRoleBinding'
   tags:
     - upgrade
 
diff --git a/roles/kubernetes-apps/ansible/tasks/main.yml b/roles/kubernetes-apps/ansible/tasks/main.yml
index 025b4fab6b71c083859ac844fed88c3b3df28e2f..7b36d453628c6d1c883925c07b0f7c9bc1c2fbfc 100644
--- a/roles/kubernetes-apps/ansible/tasks/main.yml
+++ b/roles/kubernetes-apps/ansible/tasks/main.yml
@@ -15,7 +15,9 @@
     kubectl: "{{bin_dir}}/kubectl"
     resource: "{{ item }}"
     state: absent
-  with_items: ['deploy', 'svc']
+  with_items:
+    - 'deploy'
+    - 'svc'
   tags:
     - upgrade
 
diff --git a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2 b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
index 35415326e0b0e8a273d65b8a011e0e5f98aeeb90..b16ddd467af0f00ce87676d9573ca9b4332b895f 100644
--- a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
@@ -127,12 +127,14 @@ spec:
       labels:
         k8s-app: kubernetes-dashboard
     spec:
+{% if not dashboard_use_custom_certs %}
       initContainers:
       - name: kubernetes-dashboard-init
         image: {{ dashboard_init_image_repo }}:{{ dashboard_init_image_tag }}
         volumeMounts:
         - name: kubernetes-dashboard-certs
           mountPath: /certs
+{% endif %}
       containers:
       - name: kubernetes-dashboard
         image: {{ dashboard_image_repo }}:{{ dashboard_image_tag }}
@@ -148,8 +150,8 @@ spec:
         - containerPort: 8443
           protocol: TCP
         args:
-          - --tls-key-file=/certs/dashboard.key
-          - --tls-cert-file=/certs/dashboard.crt
+          - --tls-key-file=/certs/{{ dashboard_tls_key_file }}
+          - --tls-cert-file=/certs/{{ dashboard_tls_cert_file }}
           - --authentication-mode=token{% if kube_basic_auth|default(false) %},basic{% endif %}
           # Uncomment the following line to manually specify Kubernetes API server Host
           # If not specified, Dashboard will attempt to auto discover the API server and connect
@@ -172,7 +174,7 @@ spec:
       volumes:
       - name: kubernetes-dashboard-certs
         secret:
-          secretName: kubernetes-dashboard-certs
+          secretName: {{ dashboard_certs_secret_name }}
       - name: tmp-volume
         emptyDir: {}
       serviceAccountName: kubernetes-dashboard