Openstack 16.1 Puppet uses /etc/pki/CA/certs/vnc.crt, instead of /etc/ipa/ca.crt

Issue

• Puppet uses /etc/pki/CA/certs/vnc.crt, instead of /etc/ipa/ca.crt.
• Deployment of overcloud using FreeIPA, IDM, server fails on controllers and computes with an error similar to:

fatal: [overcloud-controller-2]: FAILED! => {"ansible_job_id": "2169753008.25540", "attempts": 43, "changed": true, "cmd": "set -o pipefail; puppet apply  --modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules --detailed-exitcodes --summarize --color=false   /var/lib/tripleo-config/puppet_step_config.pp 2>&1 | logger -s -t puppet-user", "delta": "0:02:17.047808", "end": "2021-05-01 16:49:43.656355", "failed_when_result": true, "finished": 1, "msg": "non-zero return code", "rc": 6, "start": "2021-05-01 16:47:26.608547", "stderr": "<13>May  1 16:47:26 puppet-user: Warning: The function 'hiera' is deprecated in favor of using 'lookup'. See https://puppet.com/docs/puppet/5.5/deprecated_language.html\\n   (file & line not available)\n<13>May  1 16:47:32 puppet-user: Warning: /etc/puppet/hiera.yaml: Use of 'hiera.yaml' version 3 is deprecated. It should be converted to version 5\n<13>May  1 16:47:32 puppet-user:    (file: /etc/puppet/hiera.yaml)\n<13>May  1 16:47:32 puppet-user: Warning: Undefined variable '::deploy_config_name'; \\n   (file & line not available)\n<13>May  1 16:47:32 puppet-user: Warning: ModuleLoader: module 'tripleo' has unresolved dependencies - it will only see those that are resolved. Use 'puppet module list --tree' to see information about modules\\n   (file & line not available)\n<13>May  1 16:47:32 puppet-user: Warning: Undefined variable '::nova::params::vncproxy_service_name'; class nova::params has not been evaluated\\n   (file & line not available)\n<13>May  1 16:47:32 puppet-user: Warning: ModuleLoader: module 'nova' has unresolved dependencies - it will only see those that are resolved.