diff --git a/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/certauthority.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/certauthority.yml
index 417c24b..75af6b5 100644
--- a/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/certauthority.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/certauthority.yml
@@ -1,10 +1,12 @@
 - block:
 
-    - name: Inject password into values file
-      ansible.builtin.copy:
-        dest: "{{ stepconfig.path }}"
-        content: "{{ lookup('ansible.builtin.file', stepconfig.path) | regex_replace('(ca_password|provisioner_password):[ ]?\n', '\\1: ' ~ (vapp['metacluster.password'] | b64encode) ~ '\n') }}"
-      no_log: true
+    - name: Import generated values file into dictionary and combine with custom values
+      ansible.builtin.set_fact:
+        values_initial: |
+          {{
+            lookup('ansible.builtin.file', stepconfig.path) | from_yaml |
+            combine( components['step-certificates'].chart_values | from_yaml, recursive=True, list_merge='append')
+          }}
 
     - name: Install step-ca chart
       kubernetes.core.helm: