diff --git a/README.md b/README.md
index d737b680..9fbb74a1 100644
--- a/README.md
+++ b/README.md
@@ -104,5 +104,3 @@ certificates are located in `/etc/pki/katello-certs-tools/` directory ##Development See the CONTRIBUTING guide for steps on how to make a change and get it accepted upstream. - ->>>>>>> Refs #6736: Updates to standard layout and basic test.
diff --git a/manifests/init.pp b/manifests/init.pp
index 58975d37..5aa7a758 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -190,6 +190,17 @@
 mode => '0644',
 }
+ Ca[$server_ca_name] ~>
+ pubkey { "${pki_dir}/certs/${server_ca_name}.crt":
+ key_pair => $server_ca
+ } ~>
+ file { "${pki_dir}/certs/${server_ca_name}.crt":
+ ensure => file,
+ owner => 'root',
+ group => $certs::group,
+ mode => '0644',
+ }
+
 if $generate {
 Ca[$default_ca_name] ~>
 privkey { $ca_key:
diff --git a/manifests/katello.pp b/manifests/katello.pp
index 0376a1e0..c1ebfed4 100644
--- a/manifests/katello.pp
+++ b/manifests/katello.pp
@@ -16,6 +16,7 @@
 $candlepin_consumer_name = "katello-ca-consumer-${::fqdn}"
 $candlepin_consumer_summary = "Subscription-manager consumer certificate for Katello instance ${::fqdn}"
 $candlepin_consumer_description = 'Consumer certificate and post installation script that configures rhsm.'
+
 file { $katello_www_pub_dir:
 ensure => directory,
 owner => 'apache',
@@ -23,11 +24,11 @@
 mode => '0755',
 } ->
 # Placing the CA in the pub dir for trusting by a user in their browser
- file { "${katello_www_pub_dir}/${certs::default_ca_name}.crt":
+ file { "${katello_www_pub_dir}/${certs::server_ca_name}.crt":
 ensure => present,
- source => "${certs::ssl_build_dir}/${certs::default_ca_name}.crt",
- owner => 'apache',
- group => 'apache',
+ source => "${certs::pki_dir}/certs/${certs::server_ca_name}.crt",
+ owner => 'root',
+ group => 'root',
 mode => '0644',
 } ->
 # We need to deliver the server_ca for yum and rhsm to trust the server
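Review bot: The new `Ca[$server_ca_name] ~> pubkey { ... } ~> file { ... }` chain in manifests/init.pp has no comment saying why the server CA certificate is exported to `${pki_dir}/certs`, and it sits outside the `if $generate` guard that follows, so it is not obvious that running it unconditionally is intended. A comment above the chain such as `# Export the server CA certificate; manifests/katello.pp publishes it to clients` would record that. The second `~>` only sends a refresh to a `file` resource, which as far as I know does nothing on refresh, so `->` would state the ordering more plainly. The enclosing class starts and ends outside the hunk.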
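Review bot: In manifests/katello.pp (hunk at -23,11), making the published CA certificate `root`-owned does not protect it while its parent `$katello_www_pub_dir` is still declared with `owner => 'apache'` and `mode => '0755'`, because the web server account can still rename or replace the file users are told to trust in their browser. If nothing has to write into that directory as apache, it could be declared `owner => 'root'` as well; the directory resource is only partly visible here, so confirm that first. Using `ensure => file` instead of `ensure => present` would also pin the path to a regular file, matching the new resource in manifests/init.pp. Nothing visible in this hunk orders the file after the init.pp resource that creates its `source`, so check that the ordering is established elsewhere.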
@@ -36,10 +37,9 @@
 dir => $katello_www_pub_dir,
 summary => $candlepin_consumer_summary,
 description => $candlepin_consumer_description,
- files => ["${rhsm_ca_dir}/candlepin-local.pem:644=${certs::ssl_build_dir}/${certs::default_ca_name}.crt",
- "${rhsm_ca_dir}/katello-server-ca.pem:644 =${certs::ssl_build_dir}/${certs::server_ca_name}.crt"],
+ files => ["${rhsm_ca_dir}/katello-server-ca.pem:644 =${certs::pki_dir}/certs/${certs::server_ca_name}.crt"],
 bootstrap_script => template('certs/rhsm-katello-reconfigure.erb'),
 alias => $candlepin_cert_rpm_alias,
- subscribe => $::certs::server_ca;
+ subscribe => $::certs::server_ca,
 }
 }
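Review bot: The remaining `files` entry keeps the `:644 =` spelling (a space between the mode and `=`) from the old second entry, while the removed `candlepin-local.pem:644=` entry had none. Unless the spec parser is known to tolerate that space, I would write it as `katello-server-ca.pem:644=${certs::pki_dir}/certs/${certs::server_ca_name}.crt`; if the space is only a rendering artifact of this page, ignore this. Separately, the RPM no longer delivers `candlepin-local.pem`, so check that the `certs/rhsm-katello-reconfigure.erb` template (not part of this diff) does not still point rhsm at that file. Otherwise clients would be configured with a CA path that is never installed.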