diff --git a/cmd/local/local.go b/cmd/local/local.go
index 3d658cd97..5ac9e1926 100644
--- a/cmd/local/local.go
+++ b/cmd/local/local.go
@@ -195,6 +195,12 @@ func runLocal(cmd *cobra.Command, args []string) error {
 		log.Info().Msg("already added secrets to k3d cluster")
 	}
 
+	log.Info().Msg("storing certificates into application secrets namespace")
+	if err := k8s.CreateSecretsFromCertificatesForLocalWrapper(config); err != nil {
+		log.Error().Err(err).Msg("")
+	}
+	log.Info().Msg("storing certificates into application secrets namespace done")
+
 	// create argocd initial repository config
 	executionControl = viper.GetBool("argocd.initial-repository.created")
 	if !executionControl {
@@ -424,6 +430,20 @@ func runLocal(cmd *cobra.Command, args []string) error {
 		progressPrinter.IncrementTracker("step-telemetry", 1)
 	}
 
+	_, _, err = pkg.ExecShellReturnStrings(config.KubectlClientPath, "--kubeconfig", config.KubeConfigPath, "-n", "argocd", "apply", "-f", fmt.Sprintf("%s/gitops/ingressroute.yaml", config.K1FolderPath))
+
+	if err != nil {
+		log.Error().Err(err).Msgf("failed to create ingress route to argocd: %s", err)
+	}
+
+	_, _, err = pkg.ExecShellReturnStrings(config.KubectlClientPath, "--kubeconfig", config.KubeConfigPath, "-n", "argocd", "delete", "ingress", "argocd-server")
+
+	if err != nil {
+		log.Error().Err(err).Msgf("failed to delete argocd primary ingress route: %s", err)
+	}
+
+	log.Info().Msg("Kubefirst installation finished successfully")
+	pkg.InformUser("Kubefirst installation finished successfully", silentMode)
 	log.Info().Msg("Kubefirst installation almost finished successfully, please wait final setups steps")
 	pkg.InformUser("Kubefirst installation almost finished successfully, please wait final setups steps", silentMode)
 
diff --git a/cmd/local/postrun.go b/cmd/local/postrun.go
index eeaca21ee..4eff5ac6a 100644
--- a/cmd/local/postrun.go
+++ b/cmd/local/postrun.go
@@ -1,15 +1,13 @@
 package local
 
 import (
-	"fmt"
-	"github.com/rs/zerolog/log"
 	"os"
 	"os/signal"
 	"sync"
 	"syscall"
 
-	"github.com/kubefirst/kubefirst/configs"
-	"github.com/kubefirst/kubefirst/internal/k8s"
+	"github.com/rs/zerolog/log"
+
 	"github.com/kubefirst/kubefirst/internal/reports"
 	"github.com/kubefirst/kubefirst/pkg"
 	"github.com/spf13/cobra"
@@ -22,14 +20,6 @@ func runPostLocal(cmd *cobra.Command, args []string) error {
 		return nil
 	}
 
-	config := configs.ReadConfig()
-
-	log.Info().Msg("storing certificates into application secrets namespace")
-	if err := k8s.CreateSecretsFromCertificatesForLocalWrapper(config); err != nil {
-		log.Error().Err(err).Msg("")
-	}
-	log.Info().Msg("storing certificates into application secrets namespace done")
-
 	log.Info().Msg("Starting the presentation of console and api for the handoff screen")
 
 	err := pkg.IsConsoleUIAvailable(pkg.KubefirstConsoleLocalURL)
@@ -44,10 +34,6 @@ func runPostLocal(cmd *cobra.Command, args []string) error {
 	reports.LocalHandoffScreen(dryRun, silentMode)
 
 	log.Info().Msgf("Kubefirst Console available at: http://localhost:9094", silentMode)
-	_, _, err = pkg.ExecShellReturnStrings(config.KubectlClientPath, "--kubeconfig", config.KubeConfigPath, "-n", "argocd", "apply", "-f", fmt.Sprintf("%s/gitops/ingressroute.yaml", config.K1FolderPath))
-	if err != nil {
-		log.Printf("failed to create ingress route to argocd: %s", err)
-	}
 
 	log.Info().Msgf("Kubefirst Console available at: http://localhost:9094", silentMode)
 
diff --git a/cmd/local/prerun.go b/cmd/local/prerun.go
index bcf57215e..b8dcc6e71 100644
--- a/cmd/local/prerun.go
+++ b/cmd/local/prerun.go
@@ -72,7 +72,7 @@ func validateLocal(cmd *cobra.Command, args []string) error {
 	viper.Set("adminemail", adminEmail)
 
 	viper.Set("argocd.local.service", pkg.ArgoCDLocalURL)
-	viper.Set("vault.local.service", pkg.VaultLocalURL)
+	viper.Set("vault.local.service", pkg.VaultLocalURLTLS)
 	go pkg.RunNgrok(context.TODO())
 
 	// addons
diff --git a/configs/config.go b/configs/config.go
index dfc09434b..9767938b0 100644
--- a/configs/config.go
+++ b/configs/config.go
@@ -34,9 +34,9 @@ type Config struct {
 	KubectlClientPath       string
 	KubeConfigPath          string
 	KubeConfigFolder        string
-	HelmClientPath      string
-	GitOpsLocalRepoPath string
-	NgrokVersion        string
+	HelmClientPath          string
+	GitOpsLocalRepoPath     string
+	NgrokVersion            string
 	NgrokClientPath         string
 	TerraformClientPath     string
 	K3dPath                 string
@@ -64,6 +64,7 @@ type Config struct {
 
 	LocalArgoWorkflowsURL string
 	LocalVaultURL         string
+	LocalVaultURLTLS      string
 	LocalArgoURL          string
 	LocalAtlantisURL      string
 	LocalChartmuseumURL   string
@@ -136,7 +137,8 @@ func ReadConfig() *Config {
 	config.GitopsTemplateURL = "https://github.com/kubefirst/gitops-template-gh.git"
 	// Local Configs URL
 	config.LocalArgoWorkflowsURL = "http://argo.localdev.me"
-	config.LocalVaultURL = "http://vault.localdev.me"
+	config.LocalVaultURL = "https://vault.localdev.me"
+	config.LocalVaultURLTLS = "https://vault.localdev.me"
 	config.LocalArgoURL = "http://argocd.localdev.me"
 	config.LocalAtlantisURL = "http://atlantis.localdev.me"
 	config.LocalChartmuseumURL = "http://localhost:8181"
diff --git a/internal/argocd/argocd.go b/internal/argocd/argocd.go
index 6a261ed07..34d095c9e 100644
--- a/internal/argocd/argocd.go
+++ b/internal/argocd/argocd.go
@@ -45,9 +45,8 @@ type Config struct {
 		Ingress   struct {
 			Enabled     string `yaml:"enabled"`
 			Annotations struct {
-				IngressKubernetesIoRewriteTarget      string `yaml:"ingress.kubernetes.io/rewrite-target"`
-				IngressKubernetesIoBackendProtocol    string `yaml:"ingress.kubernetes.io/backend-protocol"`
-				IngressKubernetesIoActionsSslRedirect string `yaml:"ingress.kubernetes.io/actions.ssl-redirect"`
+				IngressKubernetesIoRewriteTarget   string `yaml:"ingress.kubernetes.io/rewrite-target"`
+				IngressKubernetesIoBackendProtocol string `yaml:"ingress.kubernetes.io/backend-protocol"`
 			} `yaml:"annotations"`
 			Hosts []string    `yaml:"hosts"`
 			TLS   []TLSConfig `yaml:"tls"`
@@ -467,7 +466,6 @@ func GetArgoCDInitialLocalConfig(gitOpsRepo string, botPrivateKey string) Config
 	argoCDConfig.Server.Ingress.Enabled = "true"
 	argoCDConfig.Server.Ingress.Annotations.IngressKubernetesIoRewriteTarget = "/"
 	argoCDConfig.Server.Ingress.Annotations.IngressKubernetesIoBackendProtocol = "HTTPS"
-	argoCDConfig.Server.Ingress.Annotations.IngressKubernetesIoActionsSslRedirect = `{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}`
 	argoCDConfig.Server.Ingress.Hosts = []string{"argocd.localdev.me"}
 
 	argoCDConfig.Server.Ingress.TLS = []TLSConfig{
diff --git a/internal/k3d/secrets.go b/internal/k3d/secrets.go
index 86ea189ec..cf45760f5 100644
--- a/internal/k3d/secrets.go
+++ b/internal/k3d/secrets.go
@@ -5,9 +5,10 @@ import (
 	"encoding/base64"
 	"errors"
 	"fmt"
-	"github.com/rs/zerolog/log"
 	"os"
 
+	"github.com/rs/zerolog/log"
+
 	"github.com/kubefirst/kubefirst/internal/k8s"
 	"github.com/spf13/viper"
 	v1 "k8s.io/api/core/v1"
@@ -17,7 +18,7 @@ import (
 func AddK3DSecrets(dryrun bool) error {
 	clientset, err := k8s.GetClientSet(dryrun)
 
-	newNamespaces := []string{"argo", "argocd", "atlantis", "chartmuseum", "github-runner", "vault", "development", "staging", "production"}
+	newNamespaces := []string{"argo", "argocd", "atlantis", "chartmuseum", "github-runner", "vault", "development", "staging", "production", "kubefirst", "minio"}
 	for i, s := range newNamespaces {
 		namespace := &v1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: s}}
 		_, err = clientset.CoreV1().Namespaces().Create(context.TODO(), namespace, metav1.CreateOptions{})
diff --git a/internal/k8s/kubernetes.go b/internal/k8s/kubernetes.go
index 16d811de4..491e89500 100644
--- a/internal/k8s/kubernetes.go
+++ b/internal/k8s/kubernetes.go
@@ -5,15 +5,16 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"github.com/rs/zerolog/log"
 	"io"
-	v1 "k8s.io/api/core/v1"
 	"net/http"
 	"os"
 	"os/exec"
 	"strings"
 	"time"
 
+	"github.com/rs/zerolog/log"
+	v1 "k8s.io/api/core/v1"
+
 	"github.com/itchyny/gojq"
 	"github.com/kubefirst/kubefirst/configs"
 	"github.com/kubefirst/kubefirst/internal/argocd"
@@ -386,7 +387,7 @@ func LoopUntilPodIsReady(dryRun bool) {
 	if len(token) == 0 {
 
 		totalAttempts := 50
-		url := pkg.VaultLocalURL + "/v1/sys/health"
+		url := pkg.VaultLocalURLTLS + "/v1/sys/health"
 		for i := 0; i < totalAttempts; i++ {
 			log.Info().Msgf("vault is not ready yet, sleeping and checking again, attempt (%d/%d)", i+1, totalAttempts)
 			time.Sleep(10 * time.Second)
diff --git a/pkg/helpers.go b/pkg/helpers.go
index fc10dfcca..af8c92150 100644
--- a/pkg/helpers.go
+++ b/pkg/helpers.go
@@ -3,7 +3,6 @@ package pkg
 import (
 	"errors"
 	"fmt"
-	"github.com/rs/zerolog/log"
 	"math/rand"
 	"net/http"
 	"net/url"
@@ -13,6 +12,8 @@ import (
 	"strings"
 	"time"
 
+	"github.com/rs/zerolog/log"
+
 	"github.com/kubefirst/kubefirst/internal/progressPrinter"
 
 	"github.com/kubefirst/kubefirst/configs"
@@ -252,7 +253,7 @@ func DetokenizeDirectory(path string, fi os.FileInfo, err error) error {
 		if cloud == cloudK3d {
 			newContents = strings.Replace(newContents, "<CLOUD>", cloud, -1)
 			newContents = strings.Replace(newContents, "<ARGO_WORKFLOWS_URL>", config.LocalArgoWorkflowsURL, -1)
-			newContents = strings.Replace(newContents, "<VAULT_URL>", config.LocalVaultURL, -1)
+			newContents = strings.Replace(newContents, "<VAULT_URL>", config.LocalVaultURLTLS, -1)
 			newContents = strings.Replace(newContents, "<ARGO_CD_URL>", config.LocalArgoURL, -1)
 			newContents = strings.Replace(newContents, "<ATLANTIS_URL>", config.LocalAtlantisURL, -1)
 			newContents = strings.Replace(newContents, "<CHARTMUSEUM_URL>", config.LocalChartmuseumURL, -1)