[ovirt-users] What certs need monitoring for expiration for Ovirt hosts ?

Hi. I am aware of the following certs - "/etc/pki/vdsm/certs/vdsmcert.pem" - "/etc/pki/vdsm/libvirt-spice/server-cert.pem" - "/etc/pki/vdsm/libvirt-vnc/server-cert.pem" - "/etc/pki/libvirt/clientcert.pem" - "/etc/pki/vdsm/libvirt-migrate/server-cert.pem" And are monitoring them to avoid certs being expired. We have a 3rd party cert/ca - do I also need to monitor the following - "/etc/pki/ovirt-vmconsole/ca.pub" - "/etc/pki/vdsm/certs/cacert.pem" - "/etc/pki/vdsm/libvirt-migrate/ca-cert.pem" - "/etc/pki/vdsm/libvirt-spice/ca-cert.pem" - "/etc/pki/vdsm/libvirt-vnc/ca-cert.pem" - "/etc/pki/CA/cacert.pem" If the CA is updated on the engine do the above ca certs get updated with an update or re-enroll ? Thanks