EtcdCertSignerControllerDegraded error on etcd operator

Solution Verified - Updated -


  • Following certificate error is returned when executing oc describe co etcd.
    • The same error message shows up multiple times, at least once for every etcd member.
    • Server names and IP addresses have been hidden.
Message:               EtcdCertSignerControllerDegraded: [SAN for the certificate <etcd_member_name> does not include <IP>: x509: certificate is valid for <IP>, not <IP>, SAN for the certificate [...]    
    Reason:                EtcdCertSignerController_Error
    Status:                True
    Type:                  Degraded


  • Red Hat OpenShift Container Platform 4.x.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content