Cluster and Web consoles show "Certificate signed by unknown authority" errors after redeploying certificates

Solution Verified - Updated -


  • Cluster Console and/or Application Console components start showing SSL/TLS errors after using the redeploy-certificates.yml playbook.

  • Some of the following errors might be seen in the console components:

    • x509: certificate signed by unknown authority
    • http: TLS handshake error from remote error: tls: unknown certificate authority
    • http: TLS handshake error from x.x.x.x:xyz: remote error: tls: expired certificate

    • Performed a certificate redeploy. The openshift-web-console web interface is not working after updating self-signed certificates


  • Red Hat OpenShift Container Platform (OCP) 3.11

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content