Create missing ca certs
diff --git a/roles/libvirt/tasks/main.yml b/roles/libvirt/tasks/main.yml
index eb4b4d9..f0affe5 100644
--- a/roles/libvirt/tasks/main.yml
+++ b/roles/libvirt/tasks/main.yml
@@ -36,6 +36,32 @@
         name: "{{ libvirt_helm_release_name }}"
         namespace: "{{ libvirt_helm_release_namespace }}"
 
+- name: Create CA certificates
+  kubernetes.core.k8s:
+    state: present
+    definition:
+      - apiVersion: cert-manager.io/v1
+        kind: Certificate
+        metadata:
+          name: "{{ item }}-ca"
+          namespace: openstack
+        spec:
+          commonName: libvirt
+          duration: 87600h0m0s
+          isCA: true
+          issuerRef:
+            group: cert-manager.io
+            kind: ClusterIssuer
+            name: self-signed
+          privateKey:
+            algorithm: ECDSA
+            size: 256
+          renewBefore: 720h0m0s
+          secretName: "{{ item }}-ca"
+  loop:
+    - libvirt-vnc
+    - libvirt-api
+
 - name: Create Issuers
   kubernetes.core.k8s:
     state: present