From 6ac440bf43d6e4631693cfe9436bb63f10cc0614 Mon Sep 17 00:00:00 2001
From: Waqar Ahmed <waqarahmedjoyia@live.com>
Date: Thu, 16 Jan 2025 00:44:12 +0500
Subject: [PATCH] Use system generated cert after TNC has been revoked

---
 .../middlewared/plugins/truenas_connect/update.py         | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/middlewared/middlewared/plugins/truenas_connect/update.py b/src/middlewared/middlewared/plugins/truenas_connect/update.py
index e0cb82efc9091..967e1c830912a 100644
--- a/src/middlewared/middlewared/plugins/truenas_connect/update.py
+++ b/src/middlewared/middlewared/plugins/truenas_connect/update.py
@@ -144,10 +144,16 @@ async def unset_registration_details(self):
         if creds is None:
             return
 
-        # If we have a cert set, we will try to revoke it
+        # If we have a cert set, we will try to revoke it and also update system to use system cert
         if config['certificate']:
+            logger.debug('Setting up self generated cert for UI')
+            await self.middleware.call('certificate.setup_self_signed_cert_for_ui')
+            logger.debug('Restarting nginx to consume self generated cert')
+            await self.middleware.call('system.general.ui_restart', 2)
+            logger.debug('Revoking existing TNC cert')
             await self.middleware.call('tn_connect.acme.revoke_cert')
 
+        logger.debug('Revoking TNC user account')
         # We need to revoke the user account now
         response = await self._call(
             get_account_service_url(config).format(**creds), 'delete', headers=await self.auth_headers(config),