Minor: Regenerated HTTPS certificate is not picked up by gRPC server #3

@martinboers

To reproduce on AXC F 2152 FW 2023.0:

  • Type 1 reset.

  • Change the IP address - in this case, to 192.168.8.222

  • Enable the (pre-release) remote gRPC Server option in the PLCnext Runtime.

  • On a remote machine, run the following grpcurl command:

    $ grpcurl 192.168.8.222:50051 describe
    Failed to dial target host "192.168.8.222:50051": x509: certificate is valid for 192.168.1.10, not 192.168.8.222
    

    (that's the expected result)

  • Open the WBM site and open the Web Services page from the Configuration menu.

  • Regenerate the HTTPS certificate by selecting "Re-generate HTTPS certificate" and then "Apply".

  • The Output.log file gives the following messages:

    01.02.23 09:32:04.033 Arp.Services.Wcm.WebConfigurationManager                     INFO  - Regenerating self-signed HTTPS certificate..
    01.02.23 09:32:04.098 Arp.Services.Wcm.Internal.IdentityStoreConfigurator          INFO  - Self-signed HTTPS certificate generated. Saving the certificate to file /opt/plcnext/Security/IdentityStores/HTTPS-self-signed/certificate.pem
    01.02.23 09:32:04.121 Arp.Services.Wcm.Internal.IdentityStoreConfigurator          INFO  - Successfully saved self-signed certificate
    01.02.23 09:32:04.123 Arp.Services.Wcm.WebConfigurationManager                     INFO  - Self-signed HTTPS certificate has been re-generated
    01.02.23 09:32:08.339 Arp.Services.Wcm.Internal.NginxConfigurator                  INFO  - NGINX configuration has been reloaded
    01.02.23 09:32:08.344 Arp.Services.Wcm.WebConfigurationManager                     INFO  - HTTPS TLS config have been set
    01.02.23 09:32:08.365 Arp.Services.Wcm.WebConfigurationManager                     INFO  - Setting HTTPS certificate Identity Store to HTTPS-self-signed
    01.02.23 09:32:08.665 Arp.Services.Wcm.Internal.NginxConfigurator                  INFO  - NGINX configuration has been reloaded
    01.02.23 09:32:08.667 Arp.Services.Modules.Wbm.Wcm.Internal.WcmHandler             INFO  - Identity Store for HTTPS certificate is: HTTPS-self-signed
    
  • On the remote machine, run the following grpcurl command:

    $ grpcurl 192.168.8.222:50051 describe
    Failed to dial target host "192.168.8.222:50051": x509: certificate is valid for 192.168.1.10, not 192.168.8.222
    

=> Problem: It looks like the new HTTPS certificate has been picked up by NGINX, but not by the gRPC server.

  • Restart the PLCnext Runtime.

  • Try the command again:

    $ grpcurl 192.168.8.222:50051 describe
    Failed to dial target host "192.168.8.222:50051": x509: certificate signed by unknown authority
    

=> OK. (the unknown signer is a different issue).
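
The check behind the steps above, as an added example (not code from this issue or from the PLCnext project): it fetches the certificate a TLS port actually presents, compares it with the certificate saved on disk, and runs the same hostname check that produced the grpcurl error. The loopback listeners and certificates are constructed stand-ins for the device's ports, and the function names are assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"net"
	"time"
)

// selfSigned returns a constructed self-signed certificate whose only SAN is ip.
func selfSigned(ip string) tls.Certificate {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), IPAddresses: []net.IP{net.ParseIP(ip)},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
}

// serve is a loopback stand-in for a device TLS port (NGINX or gRPC) presenting cert.
func serve(cert tls.Certificate) string {
	ln, _ := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{cert}})
	go func() {
		for c, err := ln.Accept(); err == nil; c, err = ln.Accept() {
			go func(c net.Conn) { c.(*tls.Conn).Handshake(); c.Close() }(c)
		}
	}()
	return ln.Addr().String()
}

// check reports whether addr presents the on-disk certificate (DER) and whether it covers deviceIP.
func check(addr string, onDisk []byte, deviceIP string) (current bool, hostErr error) {
	conn, err := tls.Dial("tcp", addr, &tls.Config{InsecureSkipVerify: true}) // inspect only, no trust
	if err != nil {
		return false, err
	}
	defer conn.Close()
	leaf := conn.ConnectionState().PeerCertificates[0]
	return string(leaf.Raw) == string(onDisk), leaf.VerifyHostname(deviceIP)
}

func main() {
	oldCert, newCert := selfSigned("192.168.1.10"), selfSigned("192.168.8.222")
	cur, err := check(serve(oldCert), newCert.Certificate[0], "192.168.8.222")
	fmt.Println("stale listener serves on-disk cert:", cur, "| hostname check:", err)
}
```

Against a real device, `check` would be pointed at the HTTPS port and at port 50051 in turn, with `onDisk` taken from the DER bytes of the regenerated `certificate.pem`; a port that returns `false` is still serving the certificate it loaded at startup.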
