Clustered engine node endpoint
The following endpoint enables clustered PingAccess engine nodes to automatically pull updated certificate information from the admin node.
This endpoint is available on the clusterconfig.temp.rotation.port port defined in the <PA_HOME>/conf/run.properties file.
/engines/rest/config-query-certificate
PingAccess engine nodes poll this endpoint continually to detect when the admin node begins using a new key pair for the config query HTTPS listener. If a new key pair is in use, each engine node automatically rotates the key pair it’s using to match the new key pair on the admin node.
During every polling check, the engine node also sends a fingerprint header indicating which key pair the engine is currently using. This lets the admin node track when all engine nodes have switched to the new key pair.