Hi folks!
The TLS cert for sessionstore.discovery.wmnet will expire before end of May 2024:
$ openssl s_client -connect sessionstore.discovery.wmnet:8081 | openssl x509 -text [..] Validity Not Before: May 29 17:38:58 2019 GMT Not After : May 28 17:38:58 2024 GMT [..]
We should replace it to avoid any outages, or move the service to PKI/Mesh in K8s.
If we want to just regenerate the Puppet TLS cert: https://wikitech.wikimedia.org/wiki/Cergen#Update_a_certificate