Admin endpoint certificate on subclouds is currently overwritten by the copy in /etc/platform/config/<version> directory after each reboot. The copy under /etc/platform/config/<version> directory is not being updated when certificate is renewed. This causes admin endpoint certificate on subcloud becomes expired after the old certificate originally created at bootstrap is expired and a reboot on the controller node.
Severity:
---------
Medium, this can cause loss of communication between system controller and subcloud for short period of time
after subcloud controller reboot.
Steps to Reproduce:
-------------------
With a subcloud that is managed, wait for its admin endpoint certificate is expired. Reboot the subcloud controller(s), verify its admin endpoint.
The admin endpoint certificate is expired. And after a while, the certificate is corrected by the cert-mon.
Expected Behavior:
------------------
Admin endpoint certificate should not become expired.
Admin endpoint certificate on subclouds is currently overwritten by the copy in /etc/platform/ config/ <version> directory after each reboot. The copy under /etc/platform/ config/ <version> directory is not being updated when certificate is renewed. This causes admin endpoint certificate on subcloud becomes expired after the old certificate originally created at bootstrap is expired and a reboot on the controller node.
Severity:
---------
Medium, this can cause loss of communication between system controller and subcloud for short period of time
after subcloud controller reboot.
Steps to Reproduce:
-------------------
With a subcloud that is managed, wait for its admin endpoint certificate is expired. Reboot the subcloud controller(s), verify its admin endpoint.
The admin endpoint certificate is expired. And after a while, the certificate is corrected by the cert-mon.
Expected Behavior:
------------------
Admin endpoint certificate should not become expired.