Fix certificate renewal scripts to work with separate CA DS instance.

https://fedorahosted.org/freeipa/ticket/3805

Reviewed-By: Petr Viktorin <pviktori@redhat.com>

install/restart_scripts/renew_ca_cert

@@ -90,9 +90,7 @@ def main():
 
     # Done withing stopped_service context, CA restarted here
     update_cert_config(nickname, cert)
-
-    if nickname == 'subsystemCert cert-pki-ca':
-        update_people_entry('pkidbuser', cert)
+    update_people_entry(cert)
 
     if nickname == 'auditSigningCert cert-pki-ca':
         # Fix trust on the audit cert

install/restart_scripts/renew_ra_cert

@@ -43,7 +43,7 @@ def main():
     dercert = db.get_cert_from_db('ipaCert', pem=False)
 
     # Load it into dogtag
-    update_people_entry('ipara', dercert)
+    update_people_entry(dercert)
 
     attempts = 0
     updated = False