Inconsistent IPA installation example in CLI vs Ansible options

Background

Installing Identity Management with external CA involves running the installer twice:

1. First step the installer would generate a CSR for Certificate Authority,
2. Signed certificate will be supplied in 2nd step for the installer to complete the whole installation process.

The second step is described in 6.iii of the interactive installation option:

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/installing_identity_management/assembly_installing-an-ipa-server-without-dns-with-external-ca_installing-identity-management#proc_installing-an-ipa-server-without-dns-with-external-ca-interactive-installation_assembly_installing-an-ipa-server-without-dns-with-external-ca

In Ansible option, it is in step 9 of below section:

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/installing_identity_management/installing-an-identity-management-server-using-an-ansible-playbook_installing-identity-management#setting-the-parameters-for-a-deployment-with-external-dns-and-an-external-ca-as-the-root-ca_server-ansible

Issue:

In CLI installer option, documentation provides an example command that requires two certificates:

--external-cert-file=/tmp/servercert20170601.pem --external-cert-file=/tmp/cacert.pem

Whereas in Ansible option, one certificate is required:

playbook_sensitive_data.yml
vars:
ipaserver_external_cert_files: "/root/chain.crt"

Please make the installation examples consistent.