OVN northd certificate expired in Red Hat OpenShift Container Platform 4.8

Solution In Progress - Updated -

Issue

OVN northd certificates expire in Red Hat OpenShift Container Platform (OCP) 4.8. Due to certificate expiration, OVN communication breaks, and pods cannot be spawned. The ovnkube logs show timed out waiting for OVS port binding.

Northd containers show the following messages, which identify the issue:

2022-10-06T14:25:55.432931141+00:00 stderr F 2022-10-06T14:25:55Z|00073|stream_ssl|WARN|SSL_read: error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired
2022-10-06T14:25:55.432931141+00:00 stderr F 2022-10-06T14:25:55Z|00074|jsonrpc|WARN|ssl:x.x.x.x:9641: receive error: Input/output error
2022-10-06T14:25:55.433083506+00:00 stderr F 2022-10-06T14:25:55Z|00075|reconnect|WARN|ssl:x.x.x.x:9641: connection dropped (Input/output error)

Environment

Red Hat OpenShift Container Platform 4.8 and before

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content