diff --git a/bin/create_config.sh b/bin/create_config.sh
index 87bdced4256ee8f2166978846155022e82efea43..c8f172818edb5b854eff140d510b8a9087a26ed5 100755
--- a/bin/create_config.sh
+++ b/bin/create_config.sh
@@ -4,12 +4,15 @@
 # IML DEPLOYMENT ... REPLACE SCRIPT FOR TEMPLATES 
 #
 # ----------------------------------------------------------------------
-#
+# SYNTAX:
+# create_config.sh TEMPLATEFILE OUTPUTFILE REPLACEMENTFILE(S)
+# It finishes with non zero exitcode on any error.
 # ----------------------------------------------------------------------
 # 2020-12-15  v0.0  <axel.hahn@iml.unibe.ch>
 # 2021-05-07  v1.0  <axel.hahn@iml.unibe.ch>  multiple replacement files
 # 2021-05-27  v1.1  <axel.hahn@iml.unibe.ch>  Warn on missing replacements; handle Ruby vars with single and double quotes
 # 2021-11-01  v1.2  <axel.hahn@iml.unibe.ch>  save config diffs for deploy_app.sh
+# 2023-12-19  v1.3  <axel.hahn@iml.unibe.ch>  create a uniq tmp file
 # ======================================================================
 
 # ----------------------------------------------------------------------
@@ -22,7 +25,7 @@ shift 2
 replacefile=$*
 test -z "$replacefile" && replacefile="replace*.txt"
 
-tmpfile=/tmp/myreplacement.tmp
+tmpfile=$( mktemp -u )
 usage="USAGE: $( basename $0 ) TEMPLATE-FILE OUTFILE [optional: REPLACE-DATA-FILE(S)]"
 
 # cfgdiff is set in setProfile in ../deploy_app.sh while running through a profile
@@ -89,11 +92,11 @@ echo --- Replacements to apply: $iReplacements
 if [ $iReplacements -eq 0 ]; then
     _err "ERROR: No replacements were found ... maybe a wrong syntax?"
     _err "       Use KEY=VALUE; no spaces in front; now quotes around VALUE"
-    exit 2
+    exit 3
 fi
 
 # --- create temporary file to make all replacements in it
-cat $tplfile > $tmpfile
+cat "$tplfile" > "${tmpfile}"
 
 # --- apply replace rules
 grep "^[a-zA-Z]" $replacefile | grep "=" | while read line
@@ -108,14 +111,21 @@ do
     regex2="<\%\=\ *\@replace\[\"$key\"\]\ *\%>"
 
     # Show a warning if both regex do not match
-    grep "$regex1" $tmpfile >/dev/null \
-      || grep "$regex2" $tmpfile >/dev/null \
+    grep "$regex1" "${tmpfile}" >/dev/null \
+      || grep "$regex2" "${tmpfile}" >/dev/null \
       || echo "WARNING: template [$tplfile] has no placeholder key [$key]"
 
-    sed -i "s#$regex1#$val#g" $tmpfile
-    sed -i "s#$regex2#$val#g" $tmpfile
+    sed -i "s#$regex1#$val#g" "${tmpfile}"
+    sed -i "s#$regex2#$val#g" "${tmpfile}"
 done
 
+# --- if file actions would destroy our file - maybe it never happens
+if [ ! -f "${tmpfile}" ]; then
+    _err "ERROR: Something strange happened: the created tmpfile does not exist anymore."
+    _err "       ${tmpfile}"
+    exit 4
+fi
+
 # --- verify changes
 echo
 echo --- Changes:
@@ -140,16 +150,17 @@ diff "${outfile}" "${tmpfile}"  >/dev/null 2>/dev/null || bHasChanges=1
 diff "${outfile}" "${tmpfile}" | sed "s#^#${outfile} #g" >> ${cfgdiff} 2>/dev/null
 if [ $bHasChanges -eq 0 ]; then
     _warn "INFO: no changes in ${outfile}."
+    rm -f "${tmpfile}"
 else
     echo "INFO: writing ${outfile} ..."
-    mv -f "${tmpfile}" "${outfile}" || exit 4
+    mv -f "${tmpfile}" "${outfile}" || exit 5
 fi
 
 
 ls -l  "${outfile}" 
 if [ $? -ne 0 ]; then
     _err "ERROR: unable to write target file $outfile."
-    exit 4
+    exit 6
 fi
 
 echo