diff --git a/roles/installer/templates/ldap.py.j2 b/roles/installer/templates/ldap.py.j2
index 969e3e59..cbfc6f7f 100644
--- a/roles/installer/templates/ldap.py.j2
+++ b/roles/installer/templates/ldap.py.j2
@@ -1,5 +1,5 @@
 AUTH_LDAP_GLOBAL_OPTIONS = {
-{% if ldap_cacert_secret %}
+{% if ldap_cacert_ca_crt %}
 ldap.OPT_X_TLS_REQUIRE_CERT: True,
 ldap.OPT_X_TLS_CACERTFILE: "/etc/openldap/certs/ldap-ca.crt"
 {% endif %}
diff --git a/roles/installer/templates/tower_deployment.yaml.j2 b/roles/installer/templates/tower_deployment.yaml.j2
index 370be302..40ea2be0 100644
--- a/roles/installer/templates/tower_deployment.yaml.j2
+++ b/roles/installer/templates/tower_deployment.yaml.j2
@@ -58,7 +58,7 @@ spec:
 mountPath: "/etc/nginx/pki"
 readOnly: true
 {% endif %}
-{% if ldap_cacert_secret %}
+{% if ldap_cacert_ca_crt %}
 - name: "{{ meta.name }}-ldap-cacert"
 mountPath: /etc/openldap/certs/ldap-ca.crt
 subPath: ldap-ca.crt
@@ -204,7 +204,7 @@ spec:
 - key: tls.crt
 path: 'web.crt'
 {% endif %}
-{% if ldap_cacert_secret %}
+{% if ldap_cacert_ca_crt %}
 - name: "{{ meta.name }}-ldap-cacert"
 secret:
 secretName: "{{ ldap_cacert_secret }}"
diff --git a/roles/installer/vars/main.yml b/roles/installer/vars/main.yml
index 81c42a1e..7ab069c9 100644
--- a/roles/installer/vars/main.yml
+++ b/roles/installer/vars/main.yml
@@ -1,3 +1,4 @@
 ---
 postgres_initdb_args: '--auth-host=scram-sha-256'
 postgres_host_auth_method: 'scram-sha-256'
+ldap_cacert_ca_crt: ''
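Review bot: In ldap.py.j2 the TLS options are now emitted only when `ldap_cacert_ca_crt` is non-empty, so a deployment that sets `ldap_cacert_secret` but ends up with an empty certificate value renders an empty `AUTH_LDAP_GLOBAL_OPTIONS` without any error. The task that populates `ldap_cacert_ca_crt` is not part of this diff; if it can yield an empty string, failing the play there when the secret is named but the certificate is empty would stop a misconfigured secret from silently dropping the pinned CA. On the unchanged context line, `ldap.OPT_X_TLS_REQUIRE_CERT: True` only works because True equals 1; `ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_DEMAND,` states the intent explicitly. The dict's closing brace lies outside the hunk.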
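Review bot: In the `@@ -204,7 +204,7 @@` hunk of tower_deployment.yaml.j2 the volume is gated on `ldap_cacert_ca_crt` but still renders `secretName: "{{ ldap_cacert_secret }}"`, so the guard and the value it protects are now different variables. Whether `ldap_cacert_ca_crt` can be non-empty while `ldap_cacert_secret` is empty cannot be determined from this diff; if it can, the pod spec gets a volume with an empty secretName. Gating on both, `{% if ldap_cacert_secret and ldap_cacert_ca_crt %}`, here and on the matching volumeMount in the `@@ -58,7 +58,7 @@` hunk keeps the mount and the volume consistent. Both lists continue outside their hunks.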
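Review bot: The new `ldap_cacert_ca_crt: ''` in roles/installer/vars/main.yml has no comment explaining that it is the switch for the LDAP CA mount and the TLS options in the templates. Role `vars/` entries also take precedence over inventory and play variables, so unless the value is always overwritten by a later `set_fact` (not visible in this diff), an operator-supplied value at those levels would be masked by this empty default. I would add a comment such as `# CA certificate for LDAP TLS; empty disables the ldap-ca.crt mount and TLS options`, and consider `defaults/main.yml` if the variable is meant to be user-settable.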