diff --git a/tasks/node-certs.yml b/tasks/node-certs.yml
index 5528cc6a59427e9a769c3bb3f06ecb2e62b0b4a1..8240afb4302dba463022ffca5b10d93e713fa3a2 100644
--- a/tasks/node-certs.yml
+++ b/tasks/node-certs.yml
@@ -10,7 +10,7 @@
 - name: Node Certificates | Fetch Sidecar CA Cert
   ansible.builtin.fetch:
     src: "{{ item }}"
-    dest: "{{ tmp_cert_dir }}/"
+    dest: "{{ tmp_cert_dir.path }}/"
     flat: true
   with_items:
     - "{{ gl_sidecar_ca_path }}/sidecar-ca.pem"
@@ -22,7 +22,7 @@
 - name: Node Certificates | Fetch Graylog Node CA Cert
   ansible.builtin.fetch:
     src: "{{ gl_node_ca_path }}/graylog-ca.pem"
-    dest: "{{ tmp_cert_dir }}/"
+    dest: "{{ tmp_cert_dir.path }}/"
     flat: true
   delegate_to: "{{ groups[use_central_ca_host | bool | ternary('ca-store', 'graylog-nodes')] | first }}"
   become: true
@@ -33,31 +33,31 @@
   block:
     - name: Node Certificates | Generate private keys
       community.crypto.openssl_privatekey:
-        path: "{{ tmp_cert_dir }}/sidecar-{{ inventory_hostname }}.key"
+        path: "{{ tmp_cert_dir.path }}/sidecar-{{ inventory_hostname }}.key"
         return_content: true
         state: present
 
     - name: Node Certificates | Create CSRs
       community.crypto.openssl_csr_pipe:
-        privatekey_path: "{{ tmp_cert_dir }}/sidecar-{{ inventory_hostname }}.key"
+        privatekey_path: "{{ tmp_cert_dir.path }}/sidecar-{{ inventory_hostname }}.key"
         common_name: "{{ ansible_fqdn }}"  # CN
         subject_alt_name: "{{ node_cert_sans }}"
       register: "node_csr"
 
     - name: Node Certificates | Generate Certificates
       community.crypto.x509_certificate:
-        path: "{{ tmp_cert_dir }}/sidecar-{{ inventory_hostname }}.pem"
+        path: "{{ tmp_cert_dir.path }}/sidecar-{{ inventory_hostname }}.pem"
         csr_content: "{{ node_csr.csr }}"
         provider: ownca
-        ownca_path: "{{ tmp_cert_dir }}/sidecar-ca.pem"
-        ownca_privatekey_path: "{{ tmp_cert_dir }}/sidecar-ca.key"
+        ownca_path: "{{ tmp_cert_dir.path }}/sidecar-ca.pem"
+        ownca_privatekey_path: "{{ tmp_cert_dir.path }}/sidecar-ca.key"
         ownca_privatekey_passphrase: "{{ sidecar_ca_passphrase }}"
         ownca_not_after: "+{{ cert_valid_days }}d"
         ownca_not_before: "-1d"  # valid since yesterday
 
 - name: Node Certificates | Copy Node certificates
   ansible.builtin.copy:
-    src: "{{ tmp_cert_dir }}/{{ item.file }}"
+    src: "{{ tmp_cert_dir.path }}/{{ item.file }}"
     dest: "{{ sidecar_cert_dir }}"
     mode: "{{ item.mode }}"
   with_items: