diff --git a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java
index 2fb7726534094eb624a1592398befc8f438c857a..e140589771c4b2059f7e472fec82a3fa544fcde4 100644
--- a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java
+++ b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java
@@ -111,7 +111,8 @@ public class OzgCloudElasticsearchService {
 			var secretResource = kubernetesService.getSecretResource(namespace, properties.getCertificateSecretName());
 			LOG.info(" properties.getCertificateSecretName:", properties.getCertificateSecretName());
 			LOG.info(" Create certificate secret in namespace {}", namespace);
-			createCredentialSecret(namespace, secretResource);
+			createOrReplaceCredentialSecret(namespace, secretResource);
+			
 	
 		} catch (Exception e) {
 			throw new RuntimeException("Certificate secret creation failed " + namespace, e);
@@ -133,6 +134,13 @@ public class OzgCloudElasticsearchService {
 		}
 	}
 
+
+	void createOrReplaceCredentialSecret(String namespace, Resource<Secret> secretResource) {
+		var serverSecretResource = kubernetesService.getSecretResource(properties.getServer().getCertificateNamespace(),
+				properties.getServer().getCertificateSecretName());
+
+		createAdapter(secretResource).createOrReplace(secretHelper.buildCertificateSecret(namespace, getSecretData(serverSecretResource.get())));
+	}
 	void createCredentialSecret(String namespace, Resource<Secret> secretResource) {
 		var serverSecretResource = kubernetesService.getSecretResource(properties.getServer().getCertificateNamespace(),
 				properties.getServer().getCertificateSecretName());