Description of problem:
Failures occur during an OSP13 deployment that has TLS Everywhere enabled where access to the IDM server is _not_ via the ctlplane network.
For example, if access to the IDM server is routed through one of the other controller networks besides ctlplane, then an overcloud node that is being deployed will not be enrolled with IDM and the deployment process will subsequently fail with getcert requests returning errors.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Design a configuration where the IDM server is accessible via a network other than ctlplane
2. Deploy an OSP13 configuration with TLS Everywhere enabled
Up and downstream changes have merged. Moving bug to POST.
Raised BZ#1719194 for docs requirements.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.