diff --git a/tasks/tls_cert_OpenBSD.yml b/tasks/tls_cert_OpenBSD.yml
index 8cb6b0df479a4dc8d22dcdbbeb4e396fc91022c8..99310b64bb98fb3f0a6e9bf3e17e52588b9eeb52 100644
--- a/tasks/tls_cert_OpenBSD.yml
+++ b/tasks/tls_cert_OpenBSD.yml
@@ -4,16 +4,23 @@
   assert:
     that: ansible_os_family == 'OpenBSD'
 
+- name: Create TLS key-owner group
+  group:
+    name: ssl-cert
+    state: present
+
 - name: Create TLS keys and certs directories
   with_items:
   - name: certs
     mode: '0755'
+    group: wheel
   - name: private
-    mode: '0700'
+    mode: '0750'
+    group: ssl-cert
   file:
     path: '/etc/ssl/{{ item.name }}'
     owner: root
-    group: wheel
+    group: '{{ item.group }}'
     mode: '{{ item.mode }}'
     state: directory