Warn when certificates are about to expire
We have had two total cluster collapses because of expired certificates. Once with node certs and once with reverse proxy certs. The only feasable way of recovery was a total cluster rebuild. I think Microsoft should have provided a warning email about certificates that are about to expire, and also make sure they are automatically renewed instead of just letting the cluster collapse. And in the event when the cluster has collapsed because of a certificate problem, there should have been a simple tool to recover the cluster with a new certificate. Now this process is extremely complex and error prone.