diff --git a/group_vars/all b/group_vars/all
index 694813bb1b21787e038ed3d174e95cc5def32b0f..bbea0714d8a2b88a3bac149a85d1f417e036a682 100644
--- a/group_vars/all
+++ b/group_vars/all
@@ -29,11 +29,6 @@ admin_software:
   - ansible-lint
   - ansible-inventory-grapher
 
-python_software:
-  - python3-scipy
-  - python3-matplotlib
-  # - anaconda3
-
 desktop_software:
   - thunderbird
   - firefox
diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
index dd9db74bf3859d0cdb0988787e14e79b4c66518d..5e89703038505094bab27798d49204fd451821b1 100644
--- a/roles/common/handlers/main.yml
+++ b/roles/common/handlers/main.yml
@@ -26,3 +26,7 @@
 - name: lock root user
   become: yes
   shell: passwd -l root
+
+- name: update-ca-trust
+  become: yes
+  command: update-ca-trust extract
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 457bef57f00a483ca0fa5ed5a0c16d1760485464..cffa84c1df438a362e5153892eb0d5a2123519b3 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -7,4 +7,5 @@
 - include: sysupdate.yml
 - include: ntp.yml
 - include: yumrepos.yml
+  tags: lasrepo
 - include: software.yml
diff --git a/roles/common/tasks/yumrepos.yml b/roles/common/tasks/yumrepos.yml
index a7a740b1e93c4c2950616a3c2e93944d9c229b26..000ea1a6c46a935b7243ce0c596df607ccb60584 100644
--- a/roles/common/tasks/yumrepos.yml
+++ b/roles/common/tasks/yumrepos.yml
@@ -1,4 +1,14 @@
 ---
+- name: download SSL-Cert
+  #shell: openssl s_client -connect las101.las.kit.edu:443 <<<'' | openssl x509 -out /etc/pki/ca-trust/source/anchors/las101.crt
+  # shell: echo -n |openssl s_client -connect las101.las.kit.edu:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /etc/pki/ca-trust/source/anchors/las101.pem
+  shell: echo -n |openssl s_client -connect las101.las.kit.edu:443 -showcerts |sed -n '/^-----BEGIN CERT/,/^-----END CERT/p' > /etc/pki/ca-trust/source/anchors/las101.pem
+  args:
+    creates: /etc/pki/ca-trust/source/anchors/las101.pem
+  become: yes
+  notify: update-ca-trust
+  when: (ansible_distribution == "Fedora" or ansible_distribution == "CentOS")
+
 - name: Add LAS dnf repository
   yum_repository:
     name: lasrepo-nonfree
@@ -8,6 +18,7 @@
     gpgcheck: no
     keepalive: yes
     keepcache: 0
+    sslcacert: /etc/pki/ca-trust/source/anchors/las101.pem
   become: yes
   when: (ansible_distribution == "Fedora" or ansible_distribution == "CentOS")