diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index f884ff18..0790577a 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -20,7 +20,7 @@ jobs:
         with:
           version: v1.62.2
           only-new-issues: false
-          args: --timeout 5m --config .golangci.yml
+          args: --config .golangci.yml
   diff:
     name: diff
     runs-on: ubuntu-22.04
diff --git a/.golangci.yml b/.golangci.yml
index 1034f256..45d6a311 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -1,3 +1,6 @@
+run:
+  timeout: 10m
+
 linters-settings:
   revive:
     rules:
diff --git a/internal/builders/controlplane/deployment.go b/internal/builders/controlplane/deployment.go
index e71fafcb..ca7bf893 100644
--- a/internal/builders/controlplane/deployment.go
+++ b/internal/builders/controlplane/deployment.go
@@ -31,7 +31,6 @@ import (
 const (
 	kubernetesPKIVolumeName               = "etc-kubernetes-pki"
 	caCertificatesVolumeName              = "etc-ca-certificates"
-	sslCertsVolumeName                    = "etc-ssl-certs"
 	usrShareCACertificatesVolumeName      = "usr-share-ca-certificates"
 	usrLocalShareCaCertificateVolumeName  = "usr-local-share-ca-certificates"
 	schedulerKubeconfigVolumeName         = "scheduler-kubeconfig"
@@ -162,7 +161,6 @@ func (d Deployment) setVolumes(podSpec *corev1.PodSpec, tcp kamajiv1alpha1.Tenan
 	for _, fn := range []func(*corev1.PodSpec, kamajiv1alpha1.TenantControlPlane){
 		d.buildPKIVolume,
 		d.buildCAVolume,
-		d.buildSSLCertsVolume,
 		d.buildShareCAVolume,
 		d.buildLocalShareCAVolume,
 		d.buildSchedulerVolume,
@@ -250,22 +248,6 @@ func (d Deployment) buildCAVolume(podSpec *corev1.PodSpec, tcp kamajiv1alpha1.Te
 	}
 }
 
-func (d Deployment) buildSSLCertsVolume(podSpec *corev1.PodSpec, tcp kamajiv1alpha1.TenantControlPlane) {
-	found, index := utilities.HasNamedVolume(podSpec.Volumes, sslCertsVolumeName)
-	if !found {
-		index = len(podSpec.Volumes)
-		podSpec.Volumes = append(podSpec.Volumes, corev1.Volume{})
-	}
-
-	podSpec.Volumes[index].Name = sslCertsVolumeName
-	podSpec.Volumes[index].VolumeSource = corev1.VolumeSource{
-		Secret: &corev1.SecretVolumeSource{
-			SecretName:  tcp.Status.Certificates.CA.SecretName,
-			DefaultMode: pointer.To(int32(420)),
-		},
-	}
-}
-
 func (d Deployment) buildShareCAVolume(podSpec *corev1.PodSpec, tcp kamajiv1alpha1.TenantControlPlane) {
 	found, index := utilities.HasNamedVolume(podSpec.Volumes, usrShareCACertificatesVolumeName)
 	if !found {
@@ -521,11 +503,6 @@ func (d Deployment) buildControllerManager(podSpec *corev1.PodSpec, tenantContro
 		ReadOnly:  true,
 		MountPath: "/etc/ca-certificates",
 	})
-	d.ensureVolumeMount(&volumeMounts, corev1.VolumeMount{
-		Name:      sslCertsVolumeName,
-		ReadOnly:  true,
-		MountPath: "/etc/ssl/certs",
-	})
 	d.ensureVolumeMount(&volumeMounts, corev1.VolumeMount{
 		Name:      usrShareCACertificatesVolumeName,
 		ReadOnly:  true,
@@ -655,11 +632,6 @@ func (d Deployment) buildKubeAPIServer(podSpec *corev1.PodSpec, tenantControlPla
 		ReadOnly:  true,
 		MountPath: "/etc/ca-certificates",
 	})
-	d.ensureVolumeMount(&volumeMounts, corev1.VolumeMount{
-		Name:      sslCertsVolumeName,
-		ReadOnly:  true,
-		MountPath: "/etc/ssl/certs",
-	})
 	d.ensureVolumeMount(&volumeMounts, corev1.VolumeMount{
 		Name:      usrShareCACertificatesVolumeName,
 		ReadOnly:  true,