diff --git a/charts/cert-manager/templates/clusterissuer.yaml b/charts/cert-manager/templates/clusterissuer.yaml
index 4b430bf..a8c9a16 100644
--- a/charts/cert-manager/templates/clusterissuer.yaml
+++ b/charts/cert-manager/templates/clusterissuer.yaml
@@ -2,7 +2,7 @@
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
- name: selfsigned-issuer
+ name: {{ $.Values.issuers.default.name | quote }}
 annotations:
 argocd.argoproj.io/sync-wave: "5"
 spec:
@@ -13,7 +13,7 @@ spec:
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
- name: ca-issuer
+ name: {{ $.Values.issuers.ca.name | quote }}
 annotations:
 argocd.argoproj.io/sync-wave: "5"
 spec:
@@ -23,7 +23,7 @@ spec:
 {{- if index $.Values "cert-manager" "clusterIssuers" }}
 {{- if index $.Values "cert-manager" "clusterIssuers" "letsencrypt" }}
 {{- if index $.Values "cert-manager" "clusterIssuers" "letsencrypt" "enabled" }}
-{{- range $name, $issuer := index $.Values "letsencrypt" "issuers" }}
+{{- range $name, $issuer := index $.Values "issuers" "letsencrypt" }}
 ---
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
diff --git a/locals.tf b/locals.tf
index 0164fda..91b9832 100644
--- a/locals.tf
+++ b/locals.tf
@@ -1,5 +1,11 @@
 locals {
 issuers = {
+ default = {
+ name = "selfsigned-issuer"
+ }
+ ca = { # This value is only used when using the self-signed variant.
+ name = "ca-issuer"
+ }
 letsencrypt = {
 production = {
 name = "letsencrypt-prod"
@@ -26,8 +32,10 @@ locals {
 }
 }
 }
- letsencrypt = {
- issuers = { for issuer_id, issuer in local.issuers.letsencrypt :
+ issuers = {
+ default = local.issuers.default
+ ca = local.issuers.ca
+ letsencrypt = { for issuer_id, issuer in local.issuers.letsencrypt :
 issuer.name => {
 email = issuer.email
 server = issuer.server
diff --git a/outputs.tf b/outputs.tf
index d16ded2..6eb83f9 100644
--- a/outputs.tf
+++ b/outputs.tf
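Review bot: The new `name:` lines in the first and second hunks of clusterissuer.yaml render `$.Values.issuers.default.name` and `$.Values.issuers.ca.name` with no check that a value is actually set. An empty or missing name yields a manifest the API server will reject, and a missing `issuers.default` or `issuers.ca` parent is likely to abort rendering with an opaque nil-lookup error. Making the requirement explicit, e.g. `name: {{ required "issuers.default.name must be set" $.Values.issuers.default.name | quote }}` (and the same for `issuers.ca.name`), gives a readable failure for the empty-leaf case. Since these names are what certificate requests refer to, an unnoticed override also leaves existing references pointing at an issuer that no longer exists. Both documents continue outside their hunks.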
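Review bot: The `range` in the third hunk of clusterissuer.yaml now reads `index $.Values "issuers" "letsencrypt"`, but the three enclosing `if` guards still test only the `cert-manager` / `clusterIssuers` / `letsencrypt` path. With `enabled` set and no top-level `issuers` key in the values, `index` is applied to a nil value and rendering is likely to abort, because nothing guards the new path. A further guard in the file's existing style, `{{- if index $.Values "issuers" }}` with its matching `{{- end }}`, would cover it. The range body and the closing `end` lines are outside the hunk.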
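Review bot: The second hunk of locals.tf moves the rendered map from `letsencrypt.issuers` to `issuers.letsencrypt` without any comment recording the rename. The enclosing local starts outside the hunk, so its consumers are not visible here, but if this structure is what the chart receives as values, a caller override still written against `letsencrypt.issuers` would no longer match anything the template reads. A comment above the new key, such as `# Chart values key; was letsencrypt.issuers - overrides must now use issuers.letsencrypt`, plus a changelog entry, would make the break visible. The new `issuers` map also mixes two shapes: `default` and `ca` are objects with a `name` attribute, while `letsencrypt` is a map keyed by issuer name, which is worth stating in the same comment.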
@@ -6,9 +6,9 @@ output "id" {
 output "cluster_issuers" {
 description = "List of cluster issuers created by cert-manager."
 value = merge({
- default = "selfsigned-issuer"
+ default = local.issuers.default.name
 }, {
- for issuer_id, issuer in { ca = "ca-issuer" } : issuer_id => issuer
+ for issuer_id, issuer in { ca = local.issuers.ca.name } : issuer_id => issuer
 if can(var.helm_values[0].cert-manager.tlsCrt) && can(var.helm_values[0].cert-manager.tlsKey)
 }, {
 for issuer_id, issuer in local.issuers.letsencrypt : issuer_id => issuer.name
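Review bot: `cluster_issuers` now reports `local.issuers.default.name` and `local.issuers.ca.name`, while the chart template in this same commit takes the deployed names from the `issuers.*.name` values, so the two can diverge. If callers can override those values through `var.helm_values` (the `can(var.helm_values[0]...)` line suggests values are passed in that way), the output would name an issuer that differs from the ClusterIssuer actually created. Anything requesting certificates by this output would then reference an issuer that does not exist. Either derive the output from the same merged values the chart receives, or add a comment such as `# Names come from local.issuers; do not override issuers.*.name via helm_values`. The output block continues outside the hunk.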