diff --git a/defaults/main.yml b/defaults/main.yml
index 2f16152..ffc9913 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -3,6 +3,7 @@ minio_baremetal: true
 minio_enabled: true
 minio_binary: 'minio'
 minio_binary_download: 'https://dl.min.io/server/minio/release/linux-amd64/{{ minio_binary }}'
+minio_download_validate_certs: true
 minio_work_dir: /usr/local
 minio_install_dir: '{{ minio_work_dir }}/bin'
 minio_executable: '{{ minio_install_dir }}/{{ minio_binary }}'
@@ -17,12 +18,17 @@ minio_server_instances_num: 4
 minio_server_name_prefix: 'minio'
 minio_server_domain_name: 'example.org'
 minio_disk_volumes: 4
+minio_disk_volume_names:
+ - 1
+ - 2
+ - 3
+ - 4
 # minio_data_prefix: /storage
 minio_volume_prefix: 'minio'
 minio_volume_subdir: 'data'
 minio_port: 9000
-minio_volumes: 'https://{{ minio_server_name_prefix }}{1...{{ minio_server_instances_num }}}.{{ minio_server_domain_name }}:{{ minio_port }}/{{ minio_data_prefix }}/{{ minio_volume_prefix }}{1...{{ minio_disk_volumes }}}/{{ minio_volume_subdir }}'
+minio_volumes: 'https://{{ minio_server_name_prefix }}{%raw%}{{%endraw%}1...{{ minio_server_instances_num }}{%raw%}}{%endraw%}.{{ minio_server_domain_name }}:{{ minio_port }}/{{ minio_data_prefix }}/{{ minio_volume_prefix }}{%raw%}{{%endraw%}1...{{ minio_disk_volumes }}{%raw%}}{%endraw%}/{{ minio_volume_subdir }}'
 minio_dedicated_console: true
 minio_console_port: 9001
@@ -32,8 +38,10 @@ minio_ui_url: 'https://minio-ui-reverse-proxy.example.org'
 minio_over_tls: true
 minio_letsencrypt_certs: true
 minio_tls_certs_dir: /etc/pki/minio
-minio_tls_cert_file: '{{ minio_tls_certs_dir }}/fullchain'
-minio_tls_key_file: '{{ minio_tls_certs_dir }}/privkey'
+# The certificate and private key file names
+# must be *exactly* the ones used here.
+minio_tls_cert_file: '{{ minio_tls_certs_dir }}/public.crt'
+minio_tls_key_file: '{{ minio_tls_certs_dir }}/private.key'
 minio_root_user: minio_adm
 # minio_root_password: 'Use a vault'
 minio_storage_class_standard: 4
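Review bot: `minio_download_validate_certs` in the first hunk of defaults/main.yml is added without a comment, although, as far as the get_url task shown in tasks/main.yml goes, TLS validation is the only thing authenticating a binary the role installs as a root-owned executable. I would put a comment above it such as `# Leave true; set to false only for an internal mirror whose CA cannot be installed on the target.` Installing that CA on the target is the safer route than disabling validation, and the comment could say so.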
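Review bot: `minio_disk_volume_names` in the second hunk of defaults/main.yml hard-codes 1 to 4 next to `minio_disk_volumes: 4`, so the role now has two sources of truth for the drive set. `minio_volumes` still expands `1...{{ minio_disk_volumes }}`, while the ownership task in tasks/main.yml loops over the new list; overriding one without the other leaves MinIO pointed at directories the role never created or chowned. Deriving the list keeps them in step: `minio_disk_volume_names: '{{ range(1, (minio_disk_volumes | int) + 1) | list }}'`. If arbitrary volume names are the goal, `minio_volumes` would have to be built from the list instead.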
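Review bot: The new comment in the third hunk of defaults/main.yml says the file names must be exact but not why, and both variables stay overridable in defaults. I would word it `# MinIO loads only 'public.crt' and 'private.key' from --certs-dir; do not override these names.` Hosts provisioned with the old `fullchain`/`privkey` names will presumably keep those files, including a copy of the private key, since nothing in this diff removes them. The task that installs the certificates is outside the diff, so that is worth checking before release.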
diff --git a/tasks/main.yml b/tasks/main.yml
index 8f5d118..49e14bf 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -24,17 +24,18 @@
 - name: Change the ownership of the minio data disks
 file:
- dest: '{{ minio_data_prefix }}/{{ minio_volume_prefix }}_{{ item }}'
+ dest: '{{ minio_data_prefix }}/{{ minio_volume_prefix }}{{ item }}/{{ minio_volume_subdir }}'
 state: directory
 owner: '{{ minio_username }}'
 group: '{{ minio_username }}'
 mode: 0700
- loop: '{{ minio_disk_volumes }}'
+ loop: '{{ minio_disk_volume_names }}'
 - name: Download the minio binary
 get_url:
 url: '{{ minio_binary_download }}'
 dest: '{{ minio_executable }}'
+ validate_certs: '{{ minio_download_validate_certs }}'
 owner: root
 group: root
 mode: 0755
@@ -52,7 +53,7 @@
 - name: Create the minio certificate directory
 file:
- dest: '{{ minio_tls_certs_dir }}'
+ dest: '{{ minio_tls_certs_dir }}/CAs'
 state: directory
 owner: root
 group: '{{ minio_username }}'
@@ -81,7 +82,7 @@
 - name: Copy the CA trust file on deb systems
 copy:
 src: '/etc/ssl/certs/ca-certificates.crt'
- dest: '{{ minio_tls_certs_dir }}/ca-certificates.crt'
+ dest: '{{ minio_tls_certs_dir }}/CAs/ca-certificates.crt'
 owner: root
 group: '{{ minio_username }}'
 mode: 0640
@@ -92,7 +93,7 @@
 - name: Copy the CA trust file on EL systems
 copy:
 src: '/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem'
- dest: '{{ minio_tls_certs_dir }}/ca-certificates.crt'
+ dest: '{{ minio_tls_certs_dir }}/CAs/ca-certificates.crt'
 owner: root
 group: '{{ minio_username }}'
 mode: 0640
diff --git a/templates/minio.default.j2 b/templates/minio.default.j2
index ec9a08f..bf53f1e 100644
--- a/templates/minio.default.j2
+++ b/templates/minio.default.j2
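Review bot: The `Download the minio binary` task in tasks/main.yml (hunk at -24,17) gains a switch to skip TLS validation but still shows no integrity check on a file written as root:root 0755. get_url accepts a `checksum` parameter; adding `checksum: '{{ minio_binary_checksum | default(omit) }}'` next to `validate_certs` would let a deployment pin the release digest, with `minio_binary_checksum` as a new, initially undefined variable. The task body may continue past the end of the hunk, so a check further down would not be visible here.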
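Review bot: After the change in tasks/main.yml at -52,7 the role no longer manages `{{ minio_tls_certs_dir }}` itself, only its `CAs` subdirectory. The file module creates missing parent directories, but a parent that already exists is left with whatever owner and mode it has, and that parent is where `private.key` lives. Looping over both paths keeps the parent enforced: `dest: '{{ item }}'` with `loop: ['{{ minio_tls_certs_dir }}', '{{ minio_tls_certs_dir }}/CAs']`. The task's `mode` line lies outside the hunk, so the resulting permissions cannot be confirmed from here.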
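Review bot: Both CA-bundle tasks in tasks/main.yml (hunks at -81,7 and -92,7) now write to `CAs/ca-certificates.crt`, but nothing removes the bundle earlier runs wrote to `{{ minio_tls_certs_dir }}/ca-certificates.crt`, so upgraded hosts keep a stale trust file that is never refreshed. A small cleanup task using `state: absent` on the old path would cover that. Separately, `copy` reads `src` from the controller unless `remote_src: true` is set; that line is not visible in either hunk, so it is worth confirming that the target's own trust store is the one being copied.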
@@ -1,12 +1,5 @@
 # See https://docs.min.io/minio/baremetal/reference/minio-server/minio-server.html#environment-variables
 # Set the hosts and volumes MinIO uses at startup
-# The command uses MinIO expansion notation {x...y} to denote a
-# sequential series.
-#
-# The following example covers four MinIO hosts
-# with 4 drives each at the specified hostname and drive locations.
-# The command includes the port that each MinIO server listens on
-# (default 9000)
 MINIO_VOLUMES="{{ minio_volumes }}"
@@ -16,7 +9,7 @@ MINIO_VOLUMES="{{ minio_volumes }}"
 # port 9001 on all network interfaces. The default behavior is dynamic
 # port selection.
-MINIO_OPTS="{% if minio_dedicated_console }}--console-address :{{ minio_console_port }}{% endif %} --certs-dir {{ minio_tls_certs_dir }}"
+MINIO_OPTS="{% if minio_dedicated_console %}--console-address :{{ minio_console_port }}{% endif %} --certs-dir {{ minio_tls_certs_dir }}"
 # Set the root username. This user has unrestricted permissions to
 # perform S3 and administrative API operations on any resource in the
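Review bot: The corrected `{% if minio_dedicated_console %}` in templates/minio.default.j2 (hunk at -16,7) tests the raw variable, so a value that arrives as a string, for example `-e minio_dedicated_console=false`, is truthy and the console address is still emitted. `{% if minio_dedicated_console | bool %}` avoids that. The broken `}}` delimiter this commit fixes would have failed at render time, which suggests the template is not rendered in CI; a syntax check of the role's templates would catch the next such slip.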