diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index d50d8318c3913f5953b261484331f6c3ace2aa10..b308980ed4d3073866918628e043a5ac141f9da1 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -21,7 +21,7 @@ test-job:
     # make sure that Ansible Vaults are present and can be decrypted
     - echo "${VAULT_REPORTING}" > ../lza_reporting.pass
     - echo "${VAULT_INSTALL_COMMON}" > ../lza_install_common.pass
-    - export ANSIBLE_VAULT_PASSWORD_FILE="../lza_reporting.pass, ../lza_install_common.pass"
+    - export ANSIBLE_VAULT_IDENTITY_LIST="../lza_reporting.pass, ../lza_install_common.pass"
     - rm -rf ../ansible_vaults/
     - git clone https://gitlab+deploy-token-25:${VAULT_ACCESS_TOKEN}@git.slub-dresden.de/slub-referat-2-3/ansible_vaults.git ../ansible_vaults/; \
     # run Molecule tests
diff --git a/ansible.cfg b/ansible.cfg
index 8d086fe45d7d1e5093fe9127b8556bbcd15b4b83..4610d96acc10b3e99b55eb68374a1dad5448949a 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -2,7 +2,7 @@
 # If set, configures the path to the Vault password file as an alternative to
 # specifying --vault-password-file on the command line.
 #vault_identity_list = ../lza_reporting.pass, ../lza_install_common.pass, ../lza_server_hardening.pass, ../slub_osquery.pass
-vault_identity_list = ../lza_reporting.pass
+vault_identity_list = ../lza_reporting.pass, ../lza_install_common.pass
 
 # Path to default inventory file
 # Administrators can override this by using the "-i <inventoryfile>" CLI