diff --git a/go.mod b/go.mod
index 2c0dd9b26c..a00e1c979f 100644
--- a/go.mod
+++ b/go.mod
@@ -91,7 +91,7 @@ require github.com/hashicorp/go-dbw v0.0.0-20220412153211-c470aec9369f // this i
 
 require (
 	github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20220512190651-85bdcdd684e6
-	github.com/hashicorp/nodeenrollment v0.0.0-20220516125915-9a115b0fb887
+	github.com/hashicorp/nodeenrollment v0.0.0-20220519180751-27ee40a67a33
 )
 
 require (
diff --git a/go.sum b/go.sum
index 7c42047291..32481aff2c 100644
--- a/go.sum
+++ b/go.sum
@@ -743,6 +743,10 @@ github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
 github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
 github.com/hashicorp/nodeenrollment v0.0.0-20220516125915-9a115b0fb887 h1:Ov/lPq1YFKt6CLPCriEL21NqMndrJEKNLIZW9qJYpaE=
 github.com/hashicorp/nodeenrollment v0.0.0-20220516125915-9a115b0fb887/go.mod h1:8l3RSuZJAibZKnqX6tvLaeoFzPhDf4oCRVsyFjU5Soc=
+github.com/hashicorp/nodeenrollment v0.0.0-20220519052605-83a44d379ae6 h1:NrZnIV4TYGDymhzcx/xNIe02obXSrJsPJrPm+OZdXug=
+github.com/hashicorp/nodeenrollment v0.0.0-20220519052605-83a44d379ae6/go.mod h1:8l3RSuZJAibZKnqX6tvLaeoFzPhDf4oCRVsyFjU5Soc=
+github.com/hashicorp/nodeenrollment v0.0.0-20220519180751-27ee40a67a33 h1:kVIAR0iBLc224QqU4l9QQuJBN8MuEjanc7rHzuCIUVM=
+github.com/hashicorp/nodeenrollment v0.0.0-20220519180751-27ee40a67a33/go.mod h1:8l3RSuZJAibZKnqX6tvLaeoFzPhDf4oCRVsyFjU5Soc=
 github.com/hashicorp/vault/api v1.3.1 h1:pkDkcgTh47PRjY1NEFeofqR4W/HkNUi9qIakESO2aRM=
 github.com/hashicorp/vault/api v1.3.1/go.mod h1:QeJoWxMFt+MsuWcYhmwRLwKEXrjwAFFywzhptMsTIUw=
 github.com/hashicorp/vault/sdk v0.1.13/go.mod h1:B+hVj7TpuQY1Y/GPbCpffmgd+tSEwvhkWnjtSYCaS2M=
diff --git a/internal/daemon/controller/controller.go b/internal/daemon/controller/controller.go
index 066cd5df56..a1da547a94 100644
--- a/internal/daemon/controller/controller.go
+++ b/internal/daemon/controller/controller.go
@@ -36,7 +36,7 @@ import (
 	"github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/go-secure-stdlib/mlock"
 	"github.com/hashicorp/go-secure-stdlib/pluginutil/v2"
-	"github.com/hashicorp/nodeenrollment/noderegistration"
+	"github.com/hashicorp/nodeenrollment/registration"
 	"github.com/hashicorp/nodeenrollment/rotation"
 	nodeefile "github.com/hashicorp/nodeenrollment/storage/file"
 	ua "go.uber.org/atomic"
@@ -407,5 +407,5 @@ func (c *Controller) WorkerStatusUpdateTimes() *sync.Map {
 }
 
 func (c *Controller) AuthorizeNodeeWorker(keyId string) error {
-	return noderegistration.AuthorizeNode(c.baseContext, c.NodeeFileStorage, keyId)
+	return registration.AuthorizeNode(c.baseContext, c.NodeeFileStorage, keyId)
 }
diff --git a/internal/daemon/controller/handlers/workers/multihop_service.go b/internal/daemon/controller/handlers/workers/multihop_service.go
index a840abeeea..9a84ea9f92 100644
--- a/internal/daemon/controller/handlers/workers/multihop_service.go
+++ b/internal/daemon/controller/handlers/workers/multihop_service.go
@@ -6,8 +6,8 @@ import (
 
 	pbs "github.com/hashicorp/nodeenrollment/multihop"
 	"github.com/hashicorp/nodeenrollment/nodeauth"
-	"github.com/hashicorp/nodeenrollment/noderegistration"
-	"github.com/hashicorp/nodeenrollment/nodetls"
+	"github.com/hashicorp/nodeenrollment/registration"
+	"github.com/hashicorp/nodeenrollment/tls"
 	"github.com/hashicorp/nodeenrollment/types"
 )
 
@@ -33,7 +33,7 @@ func (m *multihopServiceServer) FetchNodeCredentials(ctx context.Context, req *t
 	if err != nil {
 		return nil, fmt.Errorf("%s: error getting current parameters: %w", op, err)
 	}
-	return noderegistration.FetchNodeCredentials(ctx, storage, req, opt...)
+	return registration.FetchNodeCredentials(ctx, storage, req, opt...)
 }
 
 func (m *multihopServiceServer) GenerateServerCertificates(ctx context.Context, req *types.GenerateServerCertificatesRequest) (*types.GenerateServerCertificatesResponse, error) {
@@ -42,5 +42,5 @@ func (m *multihopServiceServer) GenerateServerCertificates(ctx context.Context,
 	if err != nil {
 		return nil, fmt.Errorf("%s: error getting current parameters: %w", op, err)
 	}
-	return nodetls.GenerateServerCertificates(ctx, storage, req, opt...)
+	return tls.GenerateServerCertificates(ctx, storage, req, opt...)
 }
diff --git a/internal/daemon/worker/worker.go b/internal/daemon/worker/worker.go
index 3b410b82d9..182c7832b4 100644
--- a/internal/daemon/worker/worker.go
+++ b/internal/daemon/worker/worker.go
@@ -186,9 +186,9 @@ func (w *Worker) Start() error {
 		return err
 	}
 
-	var nodeCreds types.NodeCredentials
-	if err := nodeCreds.GenerateRegistrationParameters(w.baseContext, w.NodeeFileStorage); err != nil {
-		return err
+	nodeCreds, err := types.NewNodeCredentials(w.baseContext, w.NodeeFileStorage)
+	if err != nil {
+		return fmt.Errorf("error generating new node creds: %w", err)
 	}
 	w.NodeeKeyId, err = nodee.KeyIdFromPkix(nodeCreds.CertificatePublicKeyPkix)
 	if err != nil {