Cluster network operator pod 's internal webhook exposes an API which certificate could eventually expire.
Issue
When using vulnerability scans as Nessus Scan, we can eventually find a certificate expired (or not yet) contacting 9104 port of the node where the cluster-network-operator is running.
NOTE: this certificate is generated for internal purposes and it is not impacting the cluster at all. This endpoint is internal and not exposing any sensible information. It will be disabled in future versions.
Environment
- Red Hat Openshift Container Platform 4.10.x and older
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.