Candlepin after cert upgrade and ipa realm post 400 error

Support
1

Problem: After re-newing ssl certs and a restart we cannot kickstart nodes due to post real 400 errors
Jan 19 11:22:57 katello01 smart-proxy: 127.0.0.1 - - [19/Jan/2024:11:22:57 PST] “POST /realm/MYDOMAIN.NET/ HTTP/1.1” 400 104

Expected outcome: 200 exist status as was before 7 days ago

Foreman and Proxy versions:
foreman-2.2.1-1.el7.noarch
foreman-proxy-2.2.1-1.el7.noarch

Foreman and Proxy plugin versions:

tfm-rubygem-foreman-tasks-core-0.3.4-1.fm2_1.el7.noarch
katello01.gld.dreamworks.net-foreman-proxy-client-1.0-34.noarch
foreman-debug-2.2.1-1.el7.noarch
tfm-rubygem-foreman_remote_execution_core-1.3.1-1.el7.noarch
rubygem-foreman_maintain-0.7.1-1.el7.noarch
tfm-rubygem-hammer_cli_foreman_docker-0.0.7-1.el7.noarch
foreman-installer-2.2.1-1.el7.noarch
tfm-rubygem-foreman_docker-5.0.0-3.fm2_1.el7.noarch
tfm-rubygem-foreman_remote_execution-4.1.0-1.fm2_2.el7.noarch
foreman-ec2-2.2.1-1.el7.noarch
katello01.gld.dreamworks.net-foreman-proxy-1.0-34.noarch
tfm-rubygem-hammer_cli_foreman_bootdisk-0.3.0-1.el7.noarch
foreman-release-scl-7-3.el7.noarch
foreman-service-2.2.1-1.el7.noarch
foreman-release-2.2.1-1.el7.noarch
tfm-rubygem-hammer_cli_foreman_tasks-0.0.15-1.fm2_2.el7.noarch
foreman-postgresql-2.2.1-1.el7.noarch
foreman-bootloaders-redhat-tftpboot-202005201200-1.el7.noarch
foreman-dynflow-sidekiq-2.2.1-1.el7.noarch
foreman-cli-2.2.1-1.el7.noarch
foreman-selinux-2.2.1-1.el7.noarch
foreman-ovirt-2.2.1-1.el7.noarch
tfm-rubygem-foreman-tasks-3.0.1-1.fm2_2.el7.noarch
katello01.gld.dreamworks.net-foreman-client-1.0-34.noarch
foreman-bootloaders-redhat-202005201200-1.el7.noarch
foreman-installer-katello-2.2.1-1.el7.noarch
foreman-vmware-2.2.1-1.el7.noarch
tfm-rubygem-hammer_cli_foreman-2.2.0-1.el7.noarch

Distribution and version:
RHEL7.9

Other relevant data:

2

The cert seems to check out i.e. the real-proxy ipa keytab, not sure if a 400 can occur with just a timeout?

3

disregard this unless its helpful for others in the future, we had multiple issues at the same time, keytab was fine, IDM/ipa was also having issues at the same time i.e. rest API went down hence the 400