diff --git a/HOWTOS.md b/HOWTOS.md
index a9090b5da4206c793d29aab58ccd8c353a9f2d56..a80cc5a0480a012453bed2cf2293bb551d497ce1 100644
--- a/HOWTOS.md
+++ b/HOWTOS.md
@@ -20,7 +20,6 @@ To update configuration files for all docker containers together, run the follow
 To update configuration files only for specific services, run the following commands:
 	ansible-playbook -i inventories soctools.yml -t update-keycloak-config
 	ansible-playbook -i inventories soctools.yml -t update-thehive-config
-	ansible-playbook -i inventories soctools.yml -t update-cortex-config
 
 
 Restart services inside docker containers using Ansible
@@ -30,7 +29,6 @@ To restart services for all docker containers together, run the following comman
 To restart services only for specific docker containers, run the following commands:
         ansible-playbook -i inventories soctools.yml -t restart-keycloak
         ansible-playbook -i inventories soctools.yml -t restart-thehive
-        ansible-playbook -i inventories soctools.yml -t restart-cortex
 
 Stop services inside docker containers using Ansible
 ----------------------------------------------------
@@ -39,7 +37,6 @@ To stop services for all docker containers together, run the following command:
 To stop services only for specific docker containers, run the following commands:
         ansible-playbook -i inventories soctools.yml -t stop-keycloak
         ansible-playbook -i inventories soctools.yml -t stop-thehive
-        ansible-playbook -i inventories soctools.yml -t stop-cortex
 
 Restart services inside docker containers manually
 --------------------------------------------------
diff --git a/roles/build/templates/cortex/Dockerfile.j2 b/roles/build/templates/cortex/Dockerfile.j2
index ceeb6a59132f30e1ca21978a4ee873b97f05e2d3..76c60662c05675b61f7acfbde36ad46aa1351c44 100644
--- a/roles/build/templates/cortex/Dockerfile.j2
+++ b/roles/build/templates/cortex/Dockerfile.j2
@@ -10,7 +10,7 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \
     yum install -y epel-release && \
     rpm --import https://raw.githubusercontent.com/TheHive-Project/TheHive/master/PGP-PUBLIC-KEY && \
     rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch && \
-    yum install -y cortex supervisor rsync daemonize vim net-tools telnet htop python3-pip.noarch git gcc python3-devel.x86_64 ssdeep-devel.x86_64 python3-wheel.noarch libexif-devel.x86_64 libexif.x86_64 perl-Image-ExifTool.noarch  gcc-c++ whois && \
+    yum install -y cortex supervisor daemonize vim net-tools telnet htop python3-pip.noarch git gcc python3-devel.x86_64 ssdeep-devel.x86_64 python3-wheel.noarch libexif-devel.x86_64 libexif.x86_64 perl-Image-ExifTool.noarch  gcc-c++ whois && \
     rpm -Uvh https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-6.8.13.rpm && \
     chown -R elasticsearch:elasticsearch /etc/elasticsearch && \
     mkdir -p /home/cortex && \
diff --git a/roles/cortex/tasks/main.yml b/roles/cortex/tasks/main.yml
index 42dbce24e023adb6f9fc4cda640ced5f3f8ef18f..0c150c2d77aceeed67d702cd02f85b26ebff0504 100644
--- a/roles/cortex/tasks/main.yml
+++ b/roles/cortex/tasks/main.yml
@@ -1,18 +1,96 @@
 ---
 
-- include: start.yml
+- name: Copy cacert to ca-trust dir
+  remote_user: root
+  copy:
+    src: "files/{{ca_cn}}.crt"
+    dest: /etc/pki/ca-trust/source/anchors/ca.crt
   tags:
-   - start
-   - startcortex
-- include: stop.yml
+    - start
+    - startcortex
+
+- name: Install cacert to root truststore
+  remote_user: root
+  command: "update-ca-trust"
+  tags:
+    - start
+    - startcortex
+
+- name: Copy certificates in cortex conf dir
+  remote_user: cortex
+  copy:
+    src:  "{{ item }}"
+    dest: "/etc/cortex/{{ item }}"
+    mode: 0600
+  with_items:
+    - "{{ inventory_hostname }}.p12"
+    - "{{ inventory_hostname }}.crt"
+    - "{{ inventory_hostname }}.key"
+    - cacerts.jks
+    - "{{ca_cn}}.crt"
+  tags:
+    - start
+    - startcortex
+
+- name: Configure embedded Elasticsearch 6
+  remote_user: root
+  template:
+    src: jvm.options.j2
+    dest: /etc/elasticsearch/jvm.options
+  tags:
+    - start
+    - startcortex
+
+- name: Start embedded Elasticsearch 6
+  remote_user: root
+  command: "supervisorctl start elasticsearch"
+  tags:
+    - start
+    - startcortex
+
+- name: Configure Cortex
+  remote_user: cortex
+  template:
+    src: application.conf.j2
+    dest: /etc/cortex/application.conf
   tags:
-   - stop
-   - stop-cortex
-- include: update-config.yml
+    - start
+    - startcortex
+
+- name: Start Cortex
+  remote_user: root
+  command: "supervisorctl start cortex"
   tags:
-   - update-config
-   - update-cortex-config
-- include: restart.yml
+    - start
+    - startcortex
+
+- name: Wait for Cortex
+  remote_user: root
+  wait_for:
+    host: "{{groups['cortex'][0]}}"
+    port: 9001
+    state: started
+    delay: 5
   tags:
-   - restart
-   - restart-cortex
+    - start
+    - startcortex
+
+- name: Set Autostart for supervisord's services
+  shell: "sed -i 's/autostart=false/autostart=true/g' /etc/supervisord.conf"
+  tags:
+    - start
+
+- name: Stop Elasticsearch
+  remote_user: root
+  command: "supervisorctl stop elasticsearch"
+  tags:
+    - stop
+    - stopelasticsearch
+
+- name: Stop Cortex
+  remote_user: root
+  command: "supervisorctl stop cortex"
+  tags:
+    - stop
+    - stopcortex
+
diff --git a/roles/keycloak/tasks/start.yml b/roles/keycloak/tasks/start.yml
index 75088a3e914ecf07f383a62a81264a53b3278501..e691b26e100217bfdd9f02390fc57767356b4364 100644
--- a/roles/keycloak/tasks/start.yml
+++ b/roles/keycloak/tasks/start.yml
@@ -92,7 +92,4 @@
       local:  "roles/misp/files/mispsecret"
 
 - name: Set Autostart for supervisord's services
-  replace:
-    path: /etc/supervisord.conf
-    regexp: '^autostart=false$'
-    replace: 'autostart=true'
+  shell: "sed -i 's/autostart=false/autostart=true/g' /etc/supervisord.conf"
diff --git a/roles/thehive/tasks/start.yml b/roles/thehive/tasks/start.yml
index e1766f59bccd2e836a8a0f50f39e6e210da43f7f..33a136bffda2f69156da07a3a97c4bcb9addecfb 100644
--- a/roles/thehive/tasks/start.yml
+++ b/roles/thehive/tasks/start.yml
@@ -24,6 +24,3 @@
     regexp: '^autostart=false$'
     replace: 'autostart=true'
 
-- name: Stop TheHive
-  remote_user: root
-  command: "supervisorctl stop thehive"
diff --git a/soctools.yml b/soctools.yml
index d89befdf6fcaeef42cdb5bc52acf75a875d5465b..142b7e51d7771420c3e818ad90aef726683a9546 100644
--- a/soctools.yml
+++ b/soctools.yml
@@ -2,16 +2,16 @@
 
 - name: Start soctools cluster
   import_playbook: startsoctools.yml
-  when: "'start' or 'config' in ansible_run_tags"
+  when: "'start' in ansible_run_tags or 'config' in ansible_run_tags"
 
 - name: Stop soctools cluster
   import_playbook: stopsoctools.yml
-  when: "'stop' or 'stop-thehive' or 'stop-keycloak' or 'stop-cortex' in ansible_run_tags"
+  when: "'stop' in ansible_run_tags or 'stop-thehive' in ansible_run_tags or 'stop-keycloak' in ansible_run_tags"
 
 - name: Update soctools cluster configs
   import_playbook: update-config-soctools.yml
-  when: "'update-config' or 'update-keycloak-config' or 'update-thehive-config' or 'update-cortex-config' in ansible_run_tags"
+  when: "'update-config' in ansible_run_tags or 'update-keycloak-config' in ansible_run_tags or 'update-thehive-config' in ansible_run_tags"
 
 - name: restart soctools cluster servics
   import_playbook: restart-soctools.yml
-  when: "'restart' or 'restart-thehive' or 'restart-keycloak' or 'restart-cortex' in ansible_run_tags"
+  when: "'restart' in ansible_run_tags or 'restart-thehive' in ansible_run_tags or 'restart-keycloak' in ansible_run_tags"