Add the /etc/pki/totpcgi/totpcgi-ca.crt and move totpcgi-server.key

roles/fas_server/tasks/main.yml

@@ -191,8 +191,9 @@
   copy: src="{{ puppet_private }}/{{ item.file }}" dest="{{ item.dest }}"
         owner=fas group=fas mode=0400
   with_items:
-  - {file: 2fa-certs/keys/fas-all.stg.phx2.fedoraproject.org.key, dest: /etc/pki/tls/private/totpcgi-server.key }
   - {file: 2fa-certs/keys/fas-all.stg.phx2.fedoraproject.org.crt, dest: /etc/pki/totpcgi/totpcgi-server.crt }
+  - {file: 2fa-certs/keys/fas-all.stg.phx2.fedoraproject.org.key, dest: /etc/pki/totpcgi/totpcgi-server.key }
+  - {file: 2fa-certs/keys/ca.crt, dest: /etc/pki/totpcgi/totpcgi-ca.crt }
   when: master_fas_node == True and '.stg.' in inventory_hostname
   tags:
   - config
@@ -201,8 +202,9 @@
   copy: src="{{ puppet_private }}/{{ item.file }}" dest="{{ item.dest }}"
         owner=fas group=fas mode=0400
   with_items:
-  - {file: 2fa-certs/keys/fas-all.phx2.fedoraproject.org.key, dest: /etc/pki/tls/private/totpcgi-server.key }
   - {file: 2fa-certs/keys/fas-all.phx2.fedoraproject.org.crt, dest: /etc/pki/totpcgi/totpcgi-server.crt }
+  - {file: 2fa-certs/keys/fas-all.phx2.fedoraproject.org.key, dest: /etc/pki/totpcgi/private/totpcgi-server.key }
+  - {file: 2fa-certs/keys/ca.crt, dest: /etc/pki/totpcgi/totpcgi-ca.crt }
   when: master_fas_node == True and not '.stg.' in inventory_hostname 
   tags:
   - config