Cluster network operator pod 's internal webhook exposes an API which certificate could eventually expire.

Solution Verified - Updated -

Issue

When using vulnerability scans as Nessus Scan, we can eventually find a certificate expired (or not yet) contacting 9104 port of the node where the cluster-network-operator is running.

NOTE: this certificate is generated for internal purposes and it is not impacting the cluster at all. This endpoint is internal and not exposing any sensible information. It will be disabled in future versions.

Environment

  • Red Hat Openshift Container Platform 4.10.x and older

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content