diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml index 04db6c5b09..7a73c75244 100644 --- a/docker/services/nova-libvirt.yaml +++ b/docker/services/nova-libvirt.yaml @@ -95,7 +95,7 @@ parameters: description: Specifies the default CA cert to use if TLS is used for services in the internal network. InternalTLSVncCAFile: - default: '/etc/ipa/ca.crt' + default: '/etc/pki/CA/certs/vnc.crt' type: string description: Specifies the CA cert to use for VNC TLS. LibvirtCACert: diff --git a/docker/services/nova-vnc-proxy.yaml b/docker/services/nova-vnc-proxy.yaml index 36def83f43..a48b22cf0e 100644 --- a/docker/services/nova-vnc-proxy.yaml +++ b/docker/services/nova-vnc-proxy.yaml @@ -55,7 +55,7 @@ parameters: enable TLS transaport for libvirt VNC and configure the relevant keys for libvirt. InternalTLSVncCAFile: - default: '/etc/ipa/ca.crt' + default: '/etc/pki/CA/certs/vnc.crt' type: string description: Specifies the CA cert to use for VNC TLS. LibvirtVncCACert: diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml index e012573c11..45f3bac60a 100644 --- a/puppet/services/nova-libvirt.yaml +++ b/puppet/services/nova-libvirt.yaml @@ -88,7 +88,7 @@ parameters: description: Specifies the default CA cert to use if TLS is used for services in the internal network. InternalTLSVncCAFile: - default: '/etc/ipa/ca.crt' + default: '/etc/pki/CA/certs/vnc.crt' type: string description: Specifies the CA cert to use for VNC TLS. LibvirtCACert: diff --git a/puppet/services/nova-vnc-proxy.yaml b/puppet/services/nova-vnc-proxy.yaml index 763dbab6d8..2a57b23a99 100644 --- a/puppet/services/nova-vnc-proxy.yaml +++ b/puppet/services/nova-vnc-proxy.yaml 
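Review bot: The new `default: '/etc/pki/CA/certs/vnc.crt'` on `InternalTLSVncCAFile` may again point qemu and the VNC proxy at a CA file without the full chain. The release note deleted further down in this commit says the certmonger-requested file holds only the FreeIPA CA when that CA is a sub CA of an external one, so qemu cannot verify the vnc-proxy certificate. Nothing visible in the diff shows that the certmonger limitation is fixed, so the change presumably relies on a fix elsewhere; the commit should name it and add a replacement release note (an `upgrade:` entry would fit) instead of only removing the old one. I would also state the requirement in the parameter text, e.g. `description: Specifies the CA cert to use for VNC TLS. The file must contain the full CA chain.` The same point applies to the identical hunks in docker/services/nova-vnc-proxy.yaml, puppet/services/nova-libvirt.yaml and puppet/services/nova-vnc-proxy.yaml; the `parameters:` block continues outside each hunk.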
@@ -56,7 +56,7 @@ parameters: enable TLS transaport for libvirt VNC and configure the relevant keys for libvirt. InternalTLSVncCAFile: - default: '/etc/ipa/ca.crt' + default: '/etc/pki/CA/certs/vnc.crt' type: string description: Specifies the CA cert to use for VNC TLS. LibvirtVncCACert: diff --git a/releasenotes/notes/nova-point-internalTLSVNCCAFile-to-ipa-ca-1dfccad609a4d4cb.yaml b/releasenotes/notes/nova-point-internalTLSVNCCAFile-to-ipa-ca-1dfccad609a4d4cb.yaml deleted file mode 100644 index f8f832186f..0000000000 --- a/releasenotes/notes/nova-point-internalTLSVNCCAFile-to-ipa-ca-1dfccad609a4d4cb.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -fixes: - - | - In case the freeipa CA is a sub CA of an external CA the InternalTLSVncCAFile - requrested does not have the full CA chain and only have the free IPA - CA. As a result qemu which can not verify the vnc certificate sent by - the vnc-proxy. The issue is in certmonger as it does not return the full - CA chain. - As a workaround, until certmonger is fixed, this change points the - InternalTLSVncCAFile to /etc/ipa/ca.crt which has the full CA chain.