Description of Problem

Since middle or last week of september, The client systems managed by Red Hat Satellite or capsule have started exhibiting an odd problem. The insights-client  on them is trying to connect to cert-api.access.redhat.com atleast once and faiiing. 

It doesn't affect the systems directly connected with redhat portal as the connectivity to cert-api.access.redhat.com would not be an issue there. 

How reproducible

Always ( by the affected users )

Steps to Reproduce

1. Have a system connected with Red Hat Satellite \ Capsule
2. Register with insights using insights-client --register
3. Observe the error as well as whole execution from the logs.

Actual Behavior

• Insights-client executed
• It auto-configures based on rhsm config correctly ( i.e. to talk to the correct capsule or satellite )
• At some point , during data collection, the compliance datasource spec tries to check that system id , but fails as it's nott going through rhsm route. It's calling cert-api instead for some reason. 

~~

2025-10-06 05:09:26,349    DEBUG insights.client.utilities:155 Using existing machine-id: 'UUID'.
2025-10-06 05:09:26,349  NETWORK insights.client.connection:207 GET https://cert-api.access.redhat.com/r/insights/platform/inventory/v1/host_exists?insights_id=e3e87243-97b9-4c7f-986a-1f732670a57d
2025-10-06 05:09:26,395    ERROR insights.client.connection:75 HTTPSConnectionPool(host='cert-api.access.redhat.com', port=443): Max retries exceeded with url: /r/insights/platform/inventory/v1/host_exists?insights_id=UUID(Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1147)')))
2025-10-06 05:09:26,396    ERROR insights.client.connection:77 The Insights API could not be reached.
2025-10-06 05:09:26,396    DEBUG insights.specs.datasources.compliance:212 Failed to find system in Inventory

~~

• But due to https://github.com/RedHatInsights/insights-core/pull/4543 ,the data collection continues to happen, completes and even uploaded correctly via satellite\capsule to insights

  2025-10-06 05:09:46,991     INFO insights.client.client:362 Uploading Insights data.
  2025-10-06 05:09:46,991    DEBUG insights.client.client:365 Legacy upload attempt 1 of 1 ...
  2025-10-06 05:09:46,995    DEBUG insights.client.utilities:155 Using existing machine-id: 'UUID'.
  2025-10-06 05:09:46,995    DEBUG insights.client.connection:917 Uploading /var/tmp/insights-client-lngxrs7r/insights-rh9patchtest.example.com-20251006050923.tar.gz to https://mycapsule-fqdn:443/redhat_access/r/insights/uploads/UUID
  2025-10-06 05:09:46,995  NETWORK insights.client.connection:207 POST https://mycapsule-fqdn:443/redhat_access/r/insights/uploads/UUID headers={'x-rh-collection-time': 'None'} attachments=file:insights-r
  h9patchtest.turner.com-20251006050923.tar.gz
  2025-10-06 05:09:47,634  NETWORK insights.client.connection:212 HTTP Status: 201 Created
  2025-10-06 05:09:47,634  NETWORK insights.client.connection:214 HTTP Response Text: {"request_id":"db2d8ccd39fc450e889d336f1e70bacc","upload":{"account_number":"123456","org_id":"56789"}}
  2025-10-06 05:09:47,634    DEBUG insights.client.connection:937 Upload duration: 0:00:00.636403
  2025-10-06 05:09:47,635    DEBUG insights.client.utilities:115 Writing '/etc/insights-client/.lastupload'

  Expected Behavior

Every connection attempt should be done to the URL as configured in rhsm.conf ( i.e. via auto-configured URL from rhsm )

Business Impact / Additional info

Unexpected connection attempts are causing failures to correctly detect the system from inventory, during compliance-related datasource spec execution.