authentication cluster-operator degraded caused by RouterCertsDegraded in RHOCP 4

Solution Verified - Updated -

Issue

  • The authentication operator is degraded with the error below not being able to authenticate in the OpenShift Console:

        RouterCertsDegraded: neither the custom secret/v4-0-config-system-router-certs -n openshift-authentication or default secret/v4-0-config-system-custom-router-certs -n openshift-authentication could be retrieved: secret "v4-0-config-system-router-certs" not found
reason: IngressStateEndpoints_MissingSubsets::OAuthServerConfigObservation_Error::OAuthServerDeployment_UnavailablePod::OAuthServerRouteEndpointAccessibleController_SyncError::OAuthServerServiceEndpointAccessibleController_SyncError::OAuthServerServiceEndpointsEndpointAccessibleController_SyncError::RouterCerts_NoRouterCertSecret

  • The authentication operator is degraded not being able to log into the OpenShift Console and the ingress controller is showing a Warning where the security profile is not defined, then rejecting to apply as below:

    2023-04-18T14:30:00.056Z        DEBUG   operator.init.events    record/event.go:314     security profile is not defined {"type": "Warning", "object": {"kind":"IngressController","namespace":"openshift-ingress-operator","name":"default","uid":"31b4383d-e782-45bf-be1c-f3c43c26ee7d","apiVersion":"operator.openshift.io/v1","resourceVersion":"530043652"}, "reason": Rejected"}

Environment

  • Red Hat OpenShift Container Platform (RHOCP)
    • 4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content