--certs-regenerate-ca should also regenerate ueber certificates
Description of problem:
When regenerating the CA certificates on Katello the ueber certificates should also be regenerated. Otherwise, downstream Proxies will run into issues with synchronizing content.
Steps to Reproduce:
1. Delete contents of /root/ssl-build and /root/ssl-build/<KAT_FQDN>
2. # katello-installer --certs-update-all --certs-regenerate-ca --certs-regenerate
3. Generate and install new certificate bundle for Proxies
4. Observe that Proxy content synchronization fails
nectar.downloaders.threaded:ERROR: Skipping requests to <KAT_FQDN> due to repeated connection failures: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:579)
- ueber certificate is still based off of old CA
- Proxy content synchronization fails
- ueber certificate has been refreshed against the new CA
- Proxy content synchronization is successful
Can be worked around by manually deleting the old ueber certificates in Candlepin.
Perhaps the installer can run this rake task in upstream that regenerates the ueber certificates: