Renewed certificates are wiped out after RHEL Atomic patch rollback.

Solution Verified - Updated -


  • After running the redeploy-certificates.yml playbook to renew OpenShift cluster certificates followed by RHEL Atomic Host rollback to v 7.7.3 from v7.4.4, the /etc/origin/master folder went back to the previous state and the certificates got expired.
  • Renewing the cluster certificates and then rolling back the RHEL Atomic Host to a previous version causes the Openshift cluster certificates to expire.


  • Red Hat OpenShift Container Platform
    • 3.x
  • RHEL Atomic host
    • 7.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In