diff --git a/roles/copr/frontend-cloud/tasks/main.yml b/roles/copr/frontend-cloud/tasks/main.yml
index 353495fabf..bd1dbd886f 100644
--- a/roles/copr/frontend-cloud/tasks/main.yml
+++ b/roles/copr/frontend-cloud/tasks/main.yml
@@ -117,6 +117,13 @@
   tags:
   - config
 
+- name: Set SELinux context for certs generation
+  sefcontext:
+    target: "/srv/web/acme-challenge/.well-known"
+    setype: httpd_sys_content_t
+    state: present
+  when: devel
+
 - name: enable services
   service: state=started enabled=yes name={{ item }}
   with_items:
diff --git a/roles/copr/frontend-cloud/templates/httpd/coprs.conf b/roles/copr/frontend-cloud/templates/httpd/coprs.conf
index 453144a8ac..05c9e471da 100644
--- a/roles/copr/frontend-cloud/templates/httpd/coprs.conf
+++ b/roles/copr/frontend-cloud/templates/httpd/coprs.conf
@@ -26,15 +26,14 @@ WSGIScriptAlias / /usr/share/copr/coprs_frontend/application
         WSGIApplicationGroup %{GLOBAL}
     Require all granted
     </Directory>
-</VirtualHost>
 
-{% if devel %}
-<VirtualHost *:80>
+    {% if devel %}
     RewriteEngine on
     RewriteRule ^/\.well-known/(.*) /srv/web/acme-challenge/.well-known/$1 [L]
     RewriteRule "^/?(.*)" "https://%{HTTP_HOST}/$1" [L,R=301,NE]
+    {% endif %}
 </VirtualHost>
-{% endif %}
+
 
 <IfModule mod_status.c>
 ExtendedStatus On