diff --git a/netoik-rp.spec b/netoik-rp.spec
index f147bd6..c66ae34 100644
--- a/netoik-rp.spec
+++ b/netoik-rp.spec
@@ -23,6 +23,7 @@ Install the reverse proxy called nginx with a predefined configuration and with
 
 %post
 if [ -z $SKIP_CERTBOT ]; then
+	# Check required OVH variables
 	if [ -z $OVH_ENDPOINT ]; then echo "Missing env var OVH_ENDPOINT!" 1>&2; exit 1; fi
 	if [ -z $OVH_APPLICATION_NAME ]; then echo "Missing env var OVH_APPLICATION_KEY!" 1>&2; exit 1; fi
 	if [ -z $OVH_APPLICATION_DESCRIPTION ]; then echo "Missing env var OVH_APPLICATION_DESCRIPTION!" 1>&2; exit 1; fi
@@ -51,6 +52,10 @@ if [ -z $SKIP_CERTBOT ]; then
 	if [ ! -f "%{_sysconfdir}/letsencrypt/ssl-dhparams.pem" ]; then
 		openssl dhparam -out %{_sysconfdir}/letsencrypt/ssl-dhparams.pem 2048
 	fi
+
+else
+	# Skipping certbot, so remove certificate entries in nginx conf
+	sed --in-place 's/^ssl_certificate/# ssl_certificate/g' %{_sysconfdir}/nginx/conf.d/0_security.conf
 fi
 
 # Restart services