diff --git a/.github/workflows/tls.yaml b/.github/workflows/tls.yaml
index 478fa0369..0a24d5a87 100644
--- a/.github/workflows/tls.yaml
+++ b/.github/workflows/tls.yaml
@@ -22,22 +22,17 @@ jobs:
       - name: Install dependencies
         run: |
           cd $GITHUB_WORKSPACE
-          sudo apt-get update
-          sudo apt-get install -y apache2-utils openssl
           mkdir -p test/data
           cd test/data
           ../scripts/gen_certs.sh
-          htpasswd -bBn test test123 > htpasswd
       - name: Check for TLS settings
-        continue-on-error: true
         run: |
           cd $GITHUB_WORKSPACE
           make binary
-          bin/zot-linux-amd64 serve examples/config-tls.json &
+          bin/zot-linux-amd64 serve examples/config-tls.json & echo $! > zot.PID
           sleep 5
-          curl -kv --tls-max 1.0 -0 https://localhost:8080/v2/
-          if [[ "$?" -eq 0 ]]; then echo "TLSv1.0 detected"; exit 1; fi
-          curl -kv --tls-max 1.1 -0 https://localhost:8080/v2/
-          if [[ "$?" -eq 0 ]]; then echo "TLSv1.1 detected"; exit 1; fi
-          curl -kv --tls-max 1.2 -0 https://localhost:8080/v2/
-          if [[ "$?" -ne 0 ]]; then echo "TLSv1.2 missing"; exit 1; fi
+          # Check if zot server is running
+          cat /proc/$(cat zot.PID)/status | grep State || exit 1
+
+          # zot server is running: proceed to testing
+          ./test/scripts/tls_scan.sh
diff --git a/examples/config-tls.json b/examples/config-tls.json
index 703c1a3fb..1c80ad2e0 100644
--- a/examples/config-tls.json
+++ b/examples/config-tls.json
@@ -8,8 +8,8 @@
     "port": "8080",
     "realm": "zot",
     "tls": {
-      "cert": "../../test/data/server.cert",
-      "key": "../../test/data/server.key"
+      "cert": "test/data/server.cert",
+      "key": "test/data/server.key"
     }
   },
   "log": {
diff --git a/test/scripts/tls_scan.sh b/test/scripts/tls_scan.sh
new file mode 100755
index 000000000..9f5d59d6f
--- /dev/null
+++ b/test/scripts/tls_scan.sh
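Review bot: The liveness check `cat /proc/$(cat zot.PID)/status | grep State || exit 1` added to the "Check for TLS settings" step only proves a PID entry exists: a zot that exits right after launch (a certificate path that does not resolve, for instance) stays a zombie child of the step's shell and still has a `State:` line, so the check passes and tls_scan.sh then probes a closed port, where the 1.0/1.1 probes "pass" for the wrong reason. Together with the fixed `sleep 5` the verdict depends on timing rather than on the server's TLS configuration. Polling the endpoint until a handshake succeeds makes readiness explicit and replaces both the sleep and the /proc grep; with `-k` and without `-f` any HTTP response counts as up, which is what the later probes need. The step's `run:` block ends inside the hunk, but the workflow file continues past it.
```yaml
          bin/zot-linux-amd64 serve examples/config-tls.json & echo $! > zot.PID
          # Wait until zot completes a TLS handshake instead of a fixed sleep;
          # a zombie still has a /proc/<pid>/status State line, so grepping it
          # does not prove the listener is up.
          for _ in $(seq 1 30); do
            curl -ks -o /dev/null https://localhost:8080/v2/ && break
            sleep 1
          done
          curl -ks -o /dev/null https://localhost:8080/v2/ || { echo "zot did not come up"; exit 1; }
          # zot server is running: proceed to testing
          ./test/scripts/tls_scan.sh
```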
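Review bot: The new `"cert": "test/data/server.cert"` and `"key": "test/data/server.key"` values are relative paths, and unless zot resolves them against the config file's own directory (not visible here) they resolve against the process working directory, so `zot serve examples/config-tls.json` now only finds the key material when launched from the repository root. The workflow's `cd $GITHUB_WORKSPACE` satisfies that, but nothing records the dependency, and JSON offers no place for a comment. I would document it in the workflow step that launches the server, e.g. `# examples/config-tls.json points at test/data/ relative to the repo root; run zot from $GITHUB_WORKSPACE`, or in the examples' README if one exists.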
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+set -x
+
+curl -kv --tls-max 1.0 https://localhost:8080/v2/
+if [[ "$?" -eq 0 ]]; then echo "TLSv1.0 detected"; exit 1; fi
+
+curl -kv --tls-max 1.1 https://localhost:8080/v2/
+if [[ "$?" -eq 0 ]]; then echo "TLSv1.1 detected"; exit 1; fi
+
+curl -kv --tls-max 1.2 https://localhost:8080/v2/
+if [[ "$?" -ne 0 ]]; then echo "TLSv1.2 missing"; exit 1; fi
+
+curl -kv --tls-max 1.3 https://localhost:8080/v2/
+if [[ "$?" -ne 0 ]]; then echo "TLSv1.3 missing"; exit 1; fi
+
+exit 0
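Review bot: The two negative probes (`curl -kv --tls-max 1.0 …` and `--tls-max 1.1`) treat any non-zero curl exit as "the server refused that version", but curl also exits non-zero when the runner's own TLS library is configured not to offer TLS 1.0/1.1 at all, which several current distributions do by default; on such a runner these checks pass without the server ever being asked, so a green run overstates what was verified (hedged: the runner's OpenSSL policy is not visible in this diff). The script also hard-codes the URL four times and reads `$?` after each call, which is fragile if a line is ever inserted between the curl and its test. A small helper that captures the exit status once, an overridable `ZOT_URL`, and a comment recording the client-side caveat keep the four probes uniform and make the limitation visible to whoever reads a passing log.
```bash
#!/usr/bin/env bash
set -x

ZOT_URL="${ZOT_URL:-https://localhost:8080/v2/}"

# probe VERSION EXPECT — EXPECT is "refused" or "accepted".
# Caveat: a refused probe only shows that *this* curl did not negotiate the
# version; if the runner's TLS library already disables TLS 1.0/1.1 on the
# client side, the refusal says nothing about the server's configuration.
probe() {
  local version="$1" expect="$2"
  curl -kv --tls-max "$version" "$ZOT_URL"
  local rc=$?
  if [[ "$expect" == refused && "$rc" -eq 0 ]]; then echo "TLSv$version detected"; exit 1; fi
  if [[ "$expect" == accepted && "$rc" -ne 0 ]]; then echo "TLSv$version missing"; exit 1; fi
}

probe 1.0 refused
probe 1.1 refused
probe 1.2 accepted
probe 1.3 accepted

exit 0
```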