[stable/zed] Fix CA mount (#1312)

This is an automated cherry-pick of #1303
/assign mnaser
diff --git a/roles/defaults/defaults/main.yml b/roles/defaults/defaults/main.yml
index 58b1173..f1ccfae 100644
--- a/roles/defaults/defaults/main.yml
+++ b/roles/defaults/defaults/main.yml
@@ -25,4 +25,4 @@
 atmosphere_image_overrides: {}
 
 defaults_ca_certificates_path: >-
-  {{ '/etc/ssl/certs/ca-certificates.crt' if ansible_facts['os_family'] in ['Debian'] else '/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt' }}"
+  {{ '/etc/ssl/certs/ca-certificates.crt' if ansible_facts['os_family'] in ['Debian'] else '/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt' }}
diff --git a/roles/keystone/vars/main.yml b/roles/keystone/vars/main.yml
index 1b67f80..a051576 100644
--- a/roles/keystone/vars/main.yml
+++ b/roles/keystone/vars/main.yml
@@ -22,12 +22,12 @@
     mounts:
       keystone_api:
         keystone_api:
-          volumeMounts: "{{ keystone_domains | vexxhost.atmosphere.keystone_domains_to_mounts + [{'name': 'etc-ssl-certs', 'mountPath': '/etc/ssl/certs', 'readOnly': true}] }}"
+          volumeMounts: "{{ keystone_domains | vexxhost.atmosphere.keystone_domains_to_mounts + [{'name': 'ca-certificates', 'mountPath': '/etc/ssl/certs/ca-certificates.crt', 'readOnly': true}] }}"
           volumes:
             - name: keystone-openid-metadata
               configMap:
                 name: keystone-openid-metadata
-            - name: etc-ssl-certs
+            - name: ca-certificates
               hostPath:
                 path: "{{ defaults_ca_certificates_path }}"
   conf:
diff --git a/roles/magnum/vars/main.yml b/roles/magnum/vars/main.yml
index 358d145..4e0f76e 100644
--- a/roles/magnum/vars/main.yml
+++ b/roles/magnum/vars/main.yml
@@ -80,11 +80,11 @@
       magnum_conductor:
         magnum_conductor:
           volumeMounts:
-            - name: etc-ssl-certs
-              mountPath: /etc/ssl/certs
+            - name: ca-certificates
+              mountPath: /etc/ssl/certs/ca-certificates.crt
               readOnly: true
           volumes:
-            - name: etc-ssl-certs
+            - name: ca-certificates
               hostPath:
                 path: "{{ defaults_ca_certificates_path }}"
   manifests: