Bug 1989055: logins to the web console fail with custom oauth cert

The cluster-authentication-operator was recently updated to publish
custom certs to a managed config map `oauth-serving-cert`. The console
needs to trust this new cert before logins will work propertly with
custom certs.

See openshift/cluster-authentication-operator#464

https://bugzilla.redhat.com/show_bug.cgi?id=1989055

pkg/api/api.go

@@ -15,7 +15,7 @@ const (
 	OpenShiftConsoleConfigMapName           = "console-config"
 	OpenShiftConsolePublicConfigMapName     = "console-public"
 	ServiceCAConfigMapName                  = "service-ca"
-	DefaultIngressCertConfigMapName         = "default-ingress-cert"
+	DefaultIngressCertConfigMapName         = "oauth-serving-cert"
 	OpenShiftConsoleDeploymentName          = OpenShiftConsoleName
 	OpenShiftConsoleServiceName             = OpenShiftConsoleName
 	OpenshiftConsoleRedirectServiceName     = "console-redirect"

pkg/console/operator/sync_v400.go

@@ -319,9 +319,9 @@ func (co *consoleOperator) SyncConfigMap(
 	}
 
 	useDefaultCAFile := false
-	// We are syncing the `default-ingress-cert` configmap from `openshift-config-managed` to `openshift-console`.
-	// `default-ingress-cert` is only published in `openshift-config-managed` in OpenShift 4.4.0 and newer.
-	// If the `default-ingress-cert` configmap in `openshift-console` exists, we should mount that to the console container,
+	// We are syncing the `oauth-serving-cert` configmap from `openshift-config-managed` to `openshift-console`.
+	// `oauth-serving-cert` is only published in `openshift-config-managed` in OpenShift 4.9.0 and newer.
+	// If the `oauth-serving-cert` configmap in `openshift-console` exists, we should mount that to the console container,
 	// otherwise default to `/var/run/secrets/kubernetes.io/serviceaccount/ca.crt`
 	_, rcaErr := co.configMapClient.ConfigMaps(api.OpenShiftConsoleNamespace).Get(ctx, api.DefaultIngressCertConfigMapName, metav1.GetOptions{})
 	if rcaErr != nil && apierrors.IsNotFound(rcaErr) {