Hosted Control Plane ETCD certificates failed to auto renew

Solution Verified - Updated -

Issue

  • The etcd pods were having frequent restarts and stuck in crashloopbackoff
etcd-0                                               3/4     Running                         5      (46s ago)        16m
etcd-1                                               3/4     CrashLoopBackOff   1167  (110s ago)       46d
etcd-2                                               3/4     Running                         1167  (2m40s ago) 46d

oc logs etcd-0
{"level":"warn","ts":"2025-07-28T08:20:11.762346Z","caller":"embed/config_logging.go:170","msg":"rejected connection on peer endpoint","remote-addr":"10.x.y.z:57264","server-name":"etcd-0.etcd-discovery.clusters-<cluster-name>.svc","error":"remote error: tls: bad certificate"}

Environment

  • Red Hat OpenShift Container Platform 4.x
    • Hosted Control Plane 4.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content