You'll need to copy over the certificates and manually install them in the right location. Then edit the keystone.conf file in the additional nodes to point it to the right cert and key.

# Path of the certfile for token signing. (string value)
certfile=/etc/keystone/ssl/certs/signing_cert.pem

# Path of the keyfile for token signing. (string value)
keyfile=/etc/keystone/ssl/private/signing_key.pem

# Path of the CA for token signing. (string value)
ca_certs=/etc/keystone/ssl/certs/ca.pem

# Path of the CA Key for token signing. (string value)
ca_key=/etc/keystone/ssl/private/cakey.pem

# Key Size (in bits) for token signing cert (auto generated
# certificate). (integer value)
key_size=2048

Btw, pki_setup is just for evaluational purposes. In the real world, you'll use a proper TLS cert from a CA or after September 2015, https://letsencrypt.org