Symptoms
The Application page of the Event Endpoint Management UI shows the following warning: When this application was migrated from a subscription, the mutual TLS credentials were auto-generated. You might need to review your credentials to ensure they continue to work as expected..
Causes
In Event Endpoint Management 11.7.x, if you define a virtual topic as secured by mTLS and an additional security control (OAuth or SASL), then it is possible to create a subscription that provides only OAuth or SASL credentials, and not supply the mTLS credentials. In 11.8.0, applications that specify mTLS must always include the mTLS credentials. If any of your subscriptions specified mTLS, but did not include mTLS credentials, then when the subscription is converted to an application, appropriate mTLS credentials are automatically generated.
You can also receive this warning if you use the Event Endpoint Management Admin API in version 11.8.0 to create subscriptions. When you create subscriptions with the Admin API, you are not required to provide mTLS credentials, and so wildcard credentials are automatically generated.
Resolving the problem
Follow these steps to replace the auto-generated credentials:
- Ensure that all your Event Endpoint Managements support applications.
- Edit the applications to replace the auto-generated mTLS credentials. You must create new mTLS credentials before you can delete the auto-generated credentials.
Note After you replace the mTLS credentials, clients must use these updated credentials. Any clients that are not using these credentials will no longer be able to access the virtual topic.