Skip to content

Add health tests for certificates and nb api endpoint resolution #525

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
arudell wants to merge 8 commits into
base: main
Choose a base branch
from
Open

Add health tests for certificates and nb api endpoint resolution #525

arudell wants to merge 8 commits into from
+164 −24

Conversation

@arudell
Copy link
Member

@arudell arudell commented Dec 30, 2025
edited
Loading

Description

This pull request introduces several enhancements and fixes related to SDN certificate health checks, DNS resolution, and remediation guidance in the SDN diagnostics module. The main improvements include new certificate validation tests, more robust DNS resolution logic, and clearer remediation instructions for detected issues.

Certificate Health Checks:

  • Added two new health tests: Test-SdnCertificateExpired (checks for expired/expiring SDN certificates) and Test-SdnCertificateMultiple (detects multiple certificates with the same subject name), including their configuration, documentation links, and integration into server and load balancer health validation flows. [1] [2] [3] [4] [5]
  • Updated Get-SdnMuxCertificate and Get-SdnServerCertificate to accept a NetworkControllerOid switch for more flexible certificate retrieval, and improved their documentation. [1] [2] [3]

DNS Resolution Improvements:

  • Refactored Test-SdnNetworkControllerApiNameResolution to accept a simple endpoint string, enumerate and filter DNS servers, and attempt resolution against each, with detailed failure reporting and remediation guidance.

Remediation Guidance Enhancements:

  • Improved remediation output formatting in Write-HealthValidationInfo to handle array-based instructions and provide clearer, actionable steps for certificate and DNS issues. [1] [2]

Configuration and Impact Updates:

  • Updated impact and documentation details for certificate and DNS health tests in SdnDiag.Health.Config.psd1 to reflect new behaviors and provide direct links to troubleshooting guides.

These changes collectively improve the accuracy and clarity of SDN health diagnostics, especially around certificate management and DNS configuration, making troubleshooting more effective for operators and support teams.

Change type

  • Bug fix (non-breaking change)
  • Code style update (formatting, local variables)
  • New Feature (non-breaking change that adds new functionality without impacting existing)
  • Breaking change (fix or feature that may cause functionality impact)
  • Other

Checklist:

  • My code follows the style and contribution guidelines of this project.
  • I have tested and validated my code changes.

@arudell arudell requested a review from a team as a code owner December 30, 2025 22:38
@arudell arudell changed the title Add tests to locate multiple or expired certificates for muxes and hosts Add health tests for certificates and nb api endpoint resolution Dec 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@arudell