diff --git a/.gitea/workflows/action.yaml b/.gitea/workflows/action.yaml
index 4bb433b..9900acd 100644
--- a/.gitea/workflows/action.yaml
+++ b/.gitea/workflows/action.yaml
@@ -39,9 +39,14 @@ jobs:
 type=semver,pattern={{raw}}
 type=sha
 type=semver,pattern={{version}}
+ - name: Generate random password for certificate
+ id: password
+ run:
+ echo "secret=$(openssl rand -base64 12)" >> $GITHUB_OUTPUT
 - name: Build and push
 uses: https://github.com/docker/build-push-action@v5
 with:
+ build-args: CERT_PASSWORD=${{ steps.password.outputs.secret }}
 context: .
 push: true
 tags: ${{ steps.meta.outputs.tags }}
diff --git a/Dockerfile b/Dockerfile
index 797172d..b81e79b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,24 +1,19 @@
+ARG CERT_PASSWORD
 ARG DOTNET_SDK_VERSION=9.0.202
 ARG DOTNET_RUNTIME_VERSION=9.0.3
 ARG ALPINE_VERSION=3.21
 ARG CONFIG_DIRECTORY_ARG=/config
-ARG CERT_PASSWORD_FILE_ARG=$CONFIG_DIRECTORY_ARG/password
 FROM mcr.microsoft.com/dotnet/sdk:${DOTNET_SDK_VERSION}-alpine${ALPINE_VERSION}-amd64 AS build-env
-ARG CERT_PASSWORD_FILE_ARG
-ENV CERT_PASSWORD_FILE=$CERT_PASSWORD_FILE_ARG
 ARG CONFIG_DIRECTORY_ARG
 ENV CONFIG_DIRECTORY=$CONFIG_DIRECTORY_ARG
+ARG CERT_PASSWORD
 RUN mkdir $CONFIG_DIRECTORY \
 && apk upgrade --update-cache --available \
 && apk add openssl \
 && rm -rf /var/cache/apk/* \
- && openssl rand -base64 12 >> "$CERT_PASSWORD_FILE" \
- && CERT_PASSWORD=$(cat $CERT_PASSWORD_FILE) \
 && dotnet dev-certs https --export-path /config/aspnetapp.pem --password "$CERT_PASSWORD" --format PEM
 FROM mcr.microsoft.com/dotnet/aspnet:${DOTNET_RUNTIME_VERSION}-alpine${ALPINE_VERSION}-amd64
-ARG CERT_PASSWORD_FILE_ARG
-ENV CERT_PASSWORD_FILE=$CERT_PASSWORD_FILE_ARG
 ARG CONFIG_DIRECTORY_ARG
 ENV CONFIG_DIRECTORY=$CONFIG_DIRECTORY_ARG
 ENV DOTNET_CLI_TELEMETRY_OPTOUT=1
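Review bot: Build arguments are not a safe channel for the certificate password that the "Build and push" step now passes as `build-args: CERT_PASSWORD=${{ steps.password.outputs.secret }}` in .gitea/workflows/action.yaml. A build argument that is in scope for a `RUN` is typically recorded in the image metadata that `docker history` prints, and nothing in the new "Generate random password" step masks the value in the job log. The same concern covers the `ARG CERT_PASSWORD` lines added in both Dockerfile hunks, above all the one at `@@ -28,6 +23,7 @@` in the final stage, because that stage is the image that gets pushed. I would hand the value over through the action's `secrets` input, `secrets: |` followed by `cert_password=${{ steps.password.outputs.secret }}`, and read it in the Dockerfile with `RUN --mount=type=secret,id=cert_password` and `--password "$(cat /run/secrets/cert_password)"`. Quoting `"$GITHUB_OUTPUT"` in the redirect would also be safer.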
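Review bot: `ARG CERT_PASSWORD` in the Dockerfile hunk at `@@ -1,24 +1,19 @@` has no default and the build-env `RUN` never checks it, so a build started without `--build-arg CERT_PASSWORD=...` (a plain local `docker build .`, for instance) reaches `dotnet dev-certs https ... --password "$CERT_PASSWORD"` with an empty string. The removed lines always generated a value inside the build, so this is a new failure mode. A guard as the first command of that `RUN` would stop the build instead: `RUN : "${CERT_PASSWORD:?CERT_PASSWORD build arg is required}" \`. The `apk add openssl` kept in the same `RUN` may no longer be needed now that `openssl rand` is gone from it; worth confirming whether `dotnet dev-certs` still depends on it.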
@@ -28,6 +23,7 @@ ENV CERTIFICATES_DIRECTORY=/usr/local/share/ca-certificates
 ENV ASPNETCORE_Kestrel__Certificates__Default__Path=$CERTIFICATES_DIRECTORY/aspnetapp.crt
 ENV ASPNETCORE_Kestrel__Certificates__Default__KeyPath=$CERTIFICATES_DIRECTORY/aspnetapp.key
 ENV TZ=Europe/Brussels
+ARG CERT_PASSWORD
 RUN apk update \
 && apk upgrade --available \
 && apk add ca-certificates \