diff --git a/roles/nginx/tasks/letsencrypt.yml b/roles/nginx/tasks/letsencrypt.yml
index 5511da9..a724b9e 100644
--- a/roles/nginx/tasks/letsencrypt.yml
+++ b/roles/nginx/tasks/letsencrypt.yml
@@ -22,6 +22,19 @@
       dest: "{{ letsencrypt_acme_script }}"
       mode: 0700
 
+  # Run the "install" for acme.sh so it creates the .acme.sh dir (currently I
+  # have to chdir to the /root directory where the script exists or else it
+  # fails. Ansible runs it, but the script can't find itself...).
+  - name: Install acme.sh
+    ansible.builtin.command:
+      cmd: "{{ letsencrypt_acme_script }} --install --no-profile --no-cron"
+      creates: "{{ letsencrypt_acme_home }}/acme.sh"
+      chdir: /root
+
+  - name: Set default certificate authority for acme.sh
+    ansible.builtin.command:
+      cmd: "{{ letsencrypt_acme_script }} --set-default-ca --server letsencrypt"
+
   - name: Prepare Let's Encrypt well-known directory
     file:
       state: directory