Description

Adding a pre-check in AAP installer to verify if customer provided certs are valid or not. We had a case where customer used an incorrect formatted cert file causing this failure

2024-05-29T18:17:31.637840+10:00 controller nginx[328681]: nginx: [emerg] cannot load certificate "/etc/tower/tower.cert": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)

Steps to Reproduce

Provide any incorrect formatted cert in the inventory file which may of DER format or any format other than PEM formatted cert.

Run the installer and see that the nginx service will fail to start on the controller nodes.

Actual Behavior

Installer currently doesn't have a pre-check to verify the certs and the certs will be applied to the controller nodes based on the inputs params from the inventory file. This causes the nginx service to fail and installer halts.

Expected Behavior

Adding a pre-check to verify the certs parameters would enhance customer experience and we can alert the user in the initial phase of the installer execution itself that the provided certs are invalid. This would also reduce for the end-user would have to wait before a failure occurs on the installer run.