diff --git a/modules/services/step-ca/mtls.nix b/modules/services/step-ca/mtls.nix
index 7ae9fde..b7da51e 100644
--- a/modules/services/step-ca/mtls.nix
+++ b/modules/services/step-ca/mtls.nix
@@ -97,21 +97,8 @@ let
       if ${lib.getExe pkgs.step-cli} certificate needs-renewal "${tlsCert}"; then
         echo "Renewing mTLS certificate"
       else
-        rc=$?
-        case "$rc" in
-          1)
-            echo "mTLS certificate does not need renewal"
-            exit 0
-            ;;
-          2)
-            echo "mTLS certificate missing: ${tlsCert}" >&2
-            exit 1
-            ;;
-          *)
-            echo "step certificate needs-renewal failed with rc=$rc" >&2
-            exit "$rc"
-            ;;
-        esac
+        echo "Skipping renew"
+        exit "$?"
       fi
 
       ${lib.getExe pkgs.step-cli} ca renew --force "${tlsCert}" "${tlsKey}"