diff --git a/agent/connect/ca/provider_consul.go b/agent/connect/ca/provider_consul.go
index 5cbf744ab..f4c1ab4d9 100644
--- a/agent/connect/ca/provider_consul.go
+++ b/agent/connect/ca/provider_consul.go
@@ -45,23 +45,18 @@ func NewConsulProvider(rawConfig map[string]interface{}, delegate ConsulProvider
 	// Check if this configuration of the provider has already been
 	// initialized in the state store.
 	state := delegate.State()
-	_, providerState, err := state.CAProviderState(provider.id)
+	idx, providerState, err := state.CAProviderState(provider.id)
 	if err != nil {
 		return nil, err
 	}
 
-	// Exit early if the state store has already been populated for this config.
-	if providerState != nil {
-		return provider, nil
-	}
-
 	newState := structs.CAConsulProviderState{
 		ID: provider.id,
 	}
 
 	// Write the initial provider state to get the index to use for the
 	// CA serial number.
-	{
+	if providerState == nil {
 		args := &structs.CARequest{
 			Op:            structs.CAOpSetProviderState,
 			ProviderState: &newState,
@@ -69,11 +64,11 @@ func NewConsulProvider(rawConfig map[string]interface{}, delegate ConsulProvider
 		if err := delegate.ApplyCARequest(args); err != nil {
 			return nil, err
 		}
-	}
 
-	idx, _, err := state.CAProviderState(provider.id)
-	if err != nil {
-		return nil, err
+		idx, _, err = state.CAProviderState(provider.id)
+		if err != nil {
+			return nil, err
+		}
 	}
 
 	// Generate a private key if needed
diff --git a/agent/consul/leader_test.go b/agent/consul/leader_test.go
index c56477abf..9bf8a4f84 100644
--- a/agent/consul/leader_test.go
+++ b/agent/consul/leader_test.go
@@ -864,21 +864,16 @@ func TestLeader_RollRaftServer(t *testing.T) {
 
 func TestLeader_ChangeServerID(t *testing.T) {
 	t.Parallel()
-	conf := func(c *Config) {
-		c.Bootstrap = false
-		c.BootstrapExpect = 3
-		c.Datacenter = "dc1"
-		c.RaftConfig.ProtocolVersion = 3
-	}
-	dir1, s1 := testServerWithConfig(t, conf)
+
+	dir1, s1 := testServerDCBootstrap(t, "dc1", true)
 	defer os.RemoveAll(dir1)
 	defer s1.Shutdown()
 
-	dir2, s2 := testServerWithConfig(t, conf)
+	dir2, s2 := testServerDCBootstrap(t, "dc1", false)
 	defer os.RemoveAll(dir2)
 	defer s2.Shutdown()
 
-	dir3, s3 := testServerWithConfig(t, conf)
+	dir3, s3 := testServerDCBootstrap(t, "dc1", false)
 	defer os.RemoveAll(dir3)
 	defer s3.Shutdown()
 
@@ -891,8 +886,12 @@ func TestLeader_ChangeServerID(t *testing.T) {
 		retry.Run(t, func(r *retry.R) { r.Check(wantPeers(s, 3)) })
 	}
 
+	testrpc.WaitForLeader(t, s1.RPC, "dc1")
+
 	// Shut down a server, freeing up its address/port
-	s3.Shutdown()
+	if err := s3.Shutdown(); err != nil {
+		t.Fatal(err)
+	}
 
 	retry.Run(t, func(r *retry.R) {
 		alive := 0
@@ -909,9 +908,6 @@ func TestLeader_ChangeServerID(t *testing.T) {
 	// Bring up a new server with s3's address that will get a different ID
 	dir4, s4 := testServerWithConfig(t, func(c *Config) {
 		c.Bootstrap = false
-		c.BootstrapExpect = 3
-		c.Datacenter = "dc1"
-		c.RaftConfig.ProtocolVersion = 3
 		c.SerfLANConfig.MemberlistConfig = s3.config.SerfLANConfig.MemberlistConfig
 		c.RPCAddr = s3.config.RPCAddr
 		c.RPCAdvertise = s3.config.RPCAdvertise