diff --git a/releasenotes/notes/improve-container-registry-ca-conditional-0247b0014379ba82.yaml b/releasenotes/notes/improve-container-registry-ca-conditional-0247b0014379ba82.yaml
new file mode 100644
index 0000000..0175ad3
--- /dev/null
+++ b/releasenotes/notes/improve-container-registry-ca-conditional-0247b0014379ba82.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    The tasks related to installing CA file for private registry will now
+    only run if either ``docker_registry_insecure`` or
+    ``podman_registry_insecure`` is set to false.
diff --git a/roles/docker/tasks/config.yml b/roles/docker/tasks/config.yml
index 442b452..89bb65b 100644
--- a/roles/docker/tasks/config.yml
+++ b/roles/docker/tasks/config.yml
@@ -99,7 +99,10 @@
     mode: "0700"
     state: directory
   become: true
-  when: docker_registry is not none and docker_registry_ca is not none
+  when: >
+    docker_registry is not none and
+    docker_registry_ca is not none and
+    not docker_registry_insecure | bool
 
 - name: Ensure the CA file for private registry exists
   copy:
@@ -109,7 +112,10 @@
     group: root
     mode: "0600"
   become: true
-  when: docker_registry is not none and docker_registry_ca is not none
+  when: >
+    docker_registry is not none and
+    docker_registry_ca is not none and
+    not docker_registry_insecure | bool
   notify:
     - Restart docker
 
diff --git a/roles/podman/tasks/config.yml b/roles/podman/tasks/config.yml
index 851eb31..6ea9311 100644
--- a/roles/podman/tasks/config.yml
+++ b/roles/podman/tasks/config.yml
@@ -63,6 +63,7 @@
   when:
     - podman_registry is not none
     - podman_registry_ca is not none
+    - not podman_registry_insecure | bool
 
 - name: Ensure the CA file for private registry exists
   copy:
@@ -75,3 +76,4 @@
   when:
     - podman_registry is not none
     - podman_registry_ca is not none
+    - not podman_registry_insecure | bool