diff --git a/inventory/group_vars/all b/inventory/group_vars/all
index ad220bdc1a..166306b829 100644
--- a/inventory/group_vars/all
+++ b/inventory/group_vars/all
@@ -254,10 +254,10 @@ wildcard_key_file: wildcard-2020.fedoraproject.org.key
 wildcard_int_file: wildcard-2020.fedoraproject.org.intermediate.cert
 
 # This is the openshift wildcard cert. Until it exists set it equal to wildcard
-os_wildcard_cert_name: wildcard-2017.app.os.fedoraproject.org
-os_wildcard_crt_file: wildcard-2017.app.os.fedoraproject.org.cert
-os_wildcard_key_file: wildcard-2017.app.os.fedoraproject.org.key
-os_wildcard_int_file: wildcard-2017.app.os.fedoraproject.org.intermediate.cert
+os_wildcard_cert_name: wildcard-2020.app.os.fedoraproject.org
+os_wildcard_crt_file: wildcard-2020.app.os.fedoraproject.org.cert
+os_wildcard_key_file: wildcard-2020.app.os.fedoraproject.org.key
+os_wildcard_int_file: wildcard-2020.app.os.fedoraproject.org.intermediate.cert
 
 # Everywhere, always, we should sign messages and validate signatures.
 # However, we allow individual hosts and groups to override this.  Use this very
diff --git a/playbooks/include/proxies-certificates.yml b/playbooks/include/proxies-certificates.yml
index 79a329ca79..5042b90de6 100644
--- a/playbooks/include/proxies-certificates.yml
+++ b/playbooks/include/proxies-certificates.yml
@@ -36,8 +36,8 @@
     - app.os.fedoraproject.org
 
   - role: httpd/certificate
-    certname: wildcard-2017.app.os.fedoraproject.org
-    SSLCertificateChainFile: wildcard-2017.app.os.fedoraproject.org.intermediate.cert
+    certname: wildcard-2020.app.os.fedoraproject.org
+    SSLCertificateChainFile: wildcard-2020.app.os.fedoraproject.org.intermediate.cert
     tags:
     - app.os.fedoraproject.org