This is a clone of issue OCPBUGS-43990. The following is the description of the original issue:
—
Some clusters that were created with the agent-based installer and born in 4.15 contain all of the built-in CAs from CoreOS in the user-ca-bundle because of OCPBUGS-34721.
This causes adding a node on day 2 to fail because the InfraEnv manifest created is huge, and gets rejected by assisted-service with a 422 error.
We know the list of CAs that were present in 4.15, so we should work around this problem by ignoring those ones whenever they appear in the user-ca-bundle instead of adding them to the additionalTrustBundle in the InfraEnv.
- clones
-
OCPBUGS-43990 Work around excess CA certs in additionalTrustBundle
-
- Closed
-
- is blocked by
-
OCPBUGS-43990 Work around excess CA certs in additionalTrustBundle
-
- Closed
-
- links to
-
RHSA-2025:10767 OpenShift Container Platform 4.18.20 bug fix and security update