commit dd4fa70d11f30a464646e79b6b7dec0ad4734810
Author: Jonathan Rosser <jonathan.rosser@rd.bbc.co.uk>
Date:   Thu Sep 24 14:23:45 2020 +0100

    Do not manage /etc/ssl or /etc/pki directories or symlinks
    
    For a metal deployment the keystone and horizon roles both try to
    do this and it should be done in one place. This is moved to the
    openstack_hosts role.
    
    Depends-On: https://review.opendev.org/757612
    Change-Id: Iba607a89b104ef8a63c9f956e2cd60f6b7ca4466

diff --git a/tasks/keystone_install.yml b/tasks/keystone_install.yml
index c2010d3..3279b1f 100644
--- a/tasks/keystone_install.yml
+++ b/tasks/keystone_install.yml
@@ -21,8 +21,6 @@
     group: "{{ item.group|default(keystone_system_group_name) }}"
     mode: "{{ item.mode|default('0755') }}"
   with_items:
-    - { path: "/etc/pki/tls/certs", owner: "root", group: "root" }
-    - { path: "/etc/pki/tls/private", owner: "root", group: "root" }
     - { path: "/var/lock/keystone", mode: "2755" }
     - { path: "/var/log/httpd", mode: "2755" }
   when:
@@ -34,8 +32,6 @@
     dest: "{{ item.dest }}"
     state: "link"
   with_items:
-    - { src: "/etc/pki/tls/certs", dest: "/etc/ssl/certs" }
-    - { src: "/etc/pki/tls/private", dest: "/etc/ssl/private" }
     - { src: "/var/log/httpd", dest: "/var/log/apache2" }
   when:
     - ansible_pkg_mgr in ['yum', 'dnf']