diff --git a/library/roles/ubuntu-deb-general/defaults/main.yml b/library/roles/ubuntu-deb-general/defaults/main.yml
index 80f9467d..15e539c4 100644
--- a/library/roles/ubuntu-deb-general/defaults/main.yml
+++ b/library/roles/ubuntu-deb-general/defaults/main.yml
@@ -101,6 +101,7 @@ pki_dir: /etc/pki
 pki_subdirs:
   - certs
   - keys
+pki_install_a_custom_ca: False
   
 # Install our /etc/resolv.conf
 install_resolvconf: True
diff --git a/library/roles/ubuntu-deb-general/tasks/install_external_ca_cert.yml b/library/roles/ubuntu-deb-general/tasks/install_external_ca_cert.yml
index 0f268679..e26b3a9a 100644
--- a/library/roles/ubuntu-deb-general/tasks/install_external_ca_cert.yml
+++ b/library/roles/ubuntu-deb-general/tasks/install_external_ca_cert.yml
@@ -6,6 +6,7 @@
   notify: Update the CA bundle list
   tags: ca
 
-- name: Install a CA file that contains both the letsencrypt complete chain, the INFN CA certs and the TERENA personal certs CA
-  copy: src=infn-letsencrypt-ca.crt dest={{ pki_dir }}/infn-letsencrypt-ca.crt
+- name: Install a CA file with the certificates that we need. From a URL
+  get_url: url={{ pki_custom_ca_url }} dest={{ pki_dir }}/{{ pki_custom_ca_filename }}
+  when: pki_install_a_custom_ca | bool
   tags: ca