diff --git a/defaults/main.yml b/defaults/main.yml
index 876c7e4d6d4d31d0babecb994b764e60a52c6b34..bc9969e18a73ea3ede70f9fe3d09cb00e193b79a 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -18,7 +18,7 @@ sidecar_cert_dir: "/etc/graylog/sidecar"
 cert_valid_days: 1095
 
 # Cert SAN settings
-node_cert_sans: "{{ lookup('template', 'node-cert-sans.j2') }}"
+node_cert_sans: "{{ lookup('template', 'node-cert-sans.j2') | replace('\n', '') | split(',') | map('trim') | list }}"
 use_ipv4: true
 use_ipv6: true
 use_default: true
diff --git a/templates/node-cert-sans.j2 b/templates/node-cert-sans.j2
index c811ac57aca9a7a0e59c899d1cf59eee457adf24..41a630a13543704f9bcf11fd30ba0d862eb7032f 100644
--- a/templates/node-cert-sans.j2
+++ b/templates/node-cert-sans.j2
@@ -1,24 +1,22 @@
-{%- macro ansible_iface(name) -%}
-    ansible_{{name}}
-{%- endmacro -%}
-
-- "DNS:{{ inventory_hostname }}"
-- "DNS:{{ ansible_fqdn }}"
-{% if use_default == true -%}
-    {% if use_ipv4 == true and ansible_default_ipv4.address is defined -%}
-- "IP:{{ ansible_default_ipv4.address }}"
-    {% endif -%}
-    {% if use_ipv6 == true and ansible_default_ipv6.address is defined -%}
-- "IP:{{ ansible_default_ipv6.address }}"
-    {% endif -%}
-{% endif -%}
-{% if use_interface_ip == true -%}
-    {% if ansible_facts[ansible_iface(iface_name)] is defined -%}
-        {% if use_ipv4 == true and ansible_facts[ansible_iface(iface_name)].ipv4.address is defined -%}
-- "IP:{{ ansible_facts[ansible_iface(iface_name)].ipv6.address }}"
-        {% endif -%}
-        {% if use_ipv6 == true and ansible_facts[ansible_iface(iface_name)].ipv6.address is defined -%}
-- "IP:{{ ansible_facts[ansible_iface(iface_name)].ipv6.address }}"
+DNS:{{ inventory_hostname }},
+DNS:{{ ansible_fqdn }},
+{%- if use_default == true -%}
+    {%- if use_ipv4 == true and ansible_default_ipv4.address is defined -%}
+        IP:{{ ansible_default_ipv4.address }},
+    {%- endif -%}
+    {%- if use_ipv6 == true and ansible_default_ipv6.address is defined -%}
+        IP:{{ ansible_default_ipv6.address }},
+    {%- endif -%}
+{%- endif -%}
+{%- if use_interface_ip == true -%}
+    {%- if ansible_facts[iface_name] is defined -%}
+        {%- if use_ipv4 == true and ansible_facts[iface_name].ipv4.address is defined -%}
+            IP:{{ ansible_facts[iface_name].ipv6.address }},
+        {%- endif -%}
+        {%- if use_ipv6 == true and (ansible_facts[iface_name].ipv6 | selectattr("scope", "equalto", "global") | length > 0) -%}
+            {%- for ip in (ansible_facts[iface_name].ipv6 | selectattr("scope", "equalto", "global"))%}
+                IP:{{ ip.address }}{% if not loop.last %},{% endif %}
+            {%- endfor -%}
         {%- endif -%}
     {%- endif-%}
 {%- endif -%}
\ No newline at end of file