diff --git a/roles/redmine/defaults/main.yml b/roles/redmine/defaults/main.yml
index 9332f51..449b176 100644
--- a/roles/redmine/defaults/main.yml
+++ b/roles/redmine/defaults/main.yml
@@ -159,7 +159,7 @@ redmine_saml_name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:
 # This would be on the identity provider
 # redmine_saml_idp_slo_service_url: 'https://sso.example.com/saml2/idp/SingleLogoutService.php'
 # Which redmine field is used as name_identifier_value for SAML logout
-redmine_saml_name_identifier_value: 'mail'
+redmine_saml_name_identifier_value: mail
 redmine_saml_allowed_clock_drift: 2
 # Seperator for mapping
 # redmine_saml_attribute_mapping_sep: '.'
diff --git a/roles/redmine/templates/redmine/config/initializers/saml.rb.j2 b/roles/redmine/templates/redmine/config/initializers/saml.rb.j2
index 7812606..be92cca 100644
--- a/roles/redmine/templates/redmine/config/initializers/saml.rb.j2
+++ b/roles/redmine/templates/redmine/config/initializers/saml.rb.j2
@@ -13,7 +13,7 @@ require Rails.root.join('plugins/redmine_saml/lib/redmine_saml/base')
 {% endif %}
 {% endif %}
 {% if saml_idp_cert != '' %}
-    idp_cert: '{{ saml_idp_cert }}',
+    idp_cert: "{{ saml_idp_cert }}",
 {% endif %}
 {% if saml_idp_slo_service_url != '' %}
     idp_slo_service_url: '{{ saml_idp_slo_service_url }}',