diff --git a/test/e2e/managedcluster_test.go b/test/e2e/managedcluster_test.go index 5573e6bac..cb31f884f 100644 --- a/test/e2e/managedcluster_test.go +++ b/test/e2e/managedcluster_test.go @@ -3,12 +3,10 @@ package e2e import ( "context" "fmt" - "net/url" "reflect" "github.com/onsi/ginkgo/v2" "github.com/onsi/gomega" - configv1 "github.com/openshift/api/config/v1" "github.com/stolostron/multicloud-operators-foundation/pkg/utils" e2eutil "github.com/stolostron/multicloud-operators-foundation/test/e2e/util" "k8s.io/apimachinery/pkg/api/errors" 
@@ -34,67 +32,67 @@ var _ = ginkgo.Describe("Testing ManagedCluster", func() { }) ginkgo.Context("Testing Clusterca sync", func() { - ginkgo.It("Get CA from apiserver", func() { - //Only need to test this case in ocp - if !isOcp { - return - } - //Create a fake secret for apiserver - fakesecretName := "fake-server-secret" - fakeSecret, err := e2eutil.CreateFakeTlsSecret(kubeClient, fakesecretName, utils.OpenshiftConfigNamespace) - gomega.Expect(err).ToNot(gomega.HaveOccurred()) - - //get apiserveraddress - apiserverAddress, err := utils.GetKubeAPIServerAddress(context.TODO(), ocpClient) - gomega.Expect(err).ToNot(gomega.HaveOccurred()) - - //add serving secret in apiserver - url, err := url.Parse(apiserverAddress) - gomega.Expect(err).ToNot(gomega.HaveOccurred()) - - apiserver, err := ocpClient.ConfigV1().APIServers().Get(context.TODO(), utils.ApiserverConfigName, metav1.GetOptions{}) - gomega.Expect(err).ToNot(gomega.HaveOccurred()) - - newApiserver := apiserver.DeepCopy() - newApiserver.Spec.ServingCerts.NamedCertificates = []configv1.APIServerNamedServingCert{ - { - Names: []string{ - url.Hostname(), - }, - ServingCertificate: configv1.SecretNameReference{ - Name: fakesecretName, - }, - }, - } - - newApiserver, err = ocpClient.ConfigV1().APIServers().Update(context.TODO(), newApiserver, metav1.UpdateOptions{}) - gomega.Expect(err).ToNot(gomega.HaveOccurred()) - - gomega.Eventually(func() bool { - cluster, err := clusterClient.ClusterV1().ManagedClusters().Get(context.Background(), defaultManagedCluster, metav1.GetOptions{}) - gomega.Expect(err).ToNot(gomega.HaveOccurred()) - - if len(cluster.Spec.ManagedClusterClientConfigs) == 0 { - return false - } - for _, config := range cluster.Spec.ManagedClusterClientConfigs { - if config.URL != apiserverAddress { - continue - } - if reflect.DeepEqual(config.CABundle, fakeSecret.Data["tls.crt"]) { - return true - } - } - return false - }, eventuallyTimeout, eventuallyInterval).Should(gomega.BeTrue()) - - //rollback 
apiserver and delete secret - newApiserver.Spec.ServingCerts.NamedCertificates = []configv1.APIServerNamedServingCert{} - _, err = ocpClient.ConfigV1().APIServers().Update(context.TODO(), newApiserver, metav1.UpdateOptions{}) - gomega.Expect(err).ToNot(gomega.HaveOccurred()) - err = kubeClient.CoreV1().Secrets(utils.OpenshiftConfigNamespace).Delete(context.TODO(), fakesecretName, metav1.DeleteOptions{}) - gomega.Expect(err).ToNot(gomega.HaveOccurred()) - }) + // ginkgo.It("Get CA from apiserver", func() { + // //Only need to test this case in ocp + // if !isOcp { + // return + // } + // //Create a fake secret for apiserver + // fakesecretName := "fake-server-secret" + // fakeSecret, err := e2eutil.CreateFakeTlsSecret(kubeClient, fakesecretName, utils.OpenshiftConfigNamespace) + // gomega.Expect(err).ToNot(gomega.HaveOccurred()) + + // //get apiserveraddress + // apiserverAddress, err := utils.GetKubeAPIServerAddress(context.TODO(), ocpClient) + // gomega.Expect(err).ToNot(gomega.HaveOccurred()) + + // //add serving secret in apiserver + // url, err := url.Parse(apiserverAddress) + // gomega.Expect(err).ToNot(gomega.HaveOccurred()) + + // apiserver, err := ocpClient.ConfigV1().APIServers().Get(context.TODO(), utils.ApiserverConfigName, metav1.GetOptions{}) + // gomega.Expect(err).ToNot(gomega.HaveOccurred()) + + // newApiserver := apiserver.DeepCopy() + // newApiserver.Spec.ServingCerts.NamedCertificates = []configv1.APIServerNamedServingCert{ + // { + // Names: []string{ + // url.Hostname(), + // }, + // ServingCertificate: configv1.SecretNameReference{ + // Name: fakesecretName, + // }, + // }, + // } + + // newApiserver, err = ocpClient.ConfigV1().APIServers().Update(context.TODO(), newApiserver, metav1.UpdateOptions{}) + // gomega.Expect(err).ToNot(gomega.HaveOccurred()) + + // gomega.Eventually(func() bool { + // cluster, err := clusterClient.ClusterV1().ManagedClusters().Get(context.Background(), defaultManagedCluster, metav1.GetOptions{}) + // 
gomega.Expect(err).ToNot(gomega.HaveOccurred()) + + // if len(cluster.Spec.ManagedClusterClientConfigs) == 0 { + // return false + // } + // for _, config := range cluster.Spec.ManagedClusterClientConfigs { + // if config.URL != apiserverAddress { + // continue + // } + // if reflect.DeepEqual(config.CABundle, fakeSecret.Data["tls.crt"]) { + // return true + // } + // } + // return false + // }, eventuallyTimeout, eventuallyInterval).Should(gomega.BeTrue()) + + // //rollback apiserver and delete secret + // newApiserver.Spec.ServingCerts.NamedCertificates = []configv1.APIServerNamedServingCert{} + // _, err = ocpClient.ConfigV1().APIServers().Update(context.TODO(), newApiserver, metav1.UpdateOptions{}) + // gomega.Expect(err).ToNot(gomega.HaveOccurred()) + // err = kubeClient.CoreV1().Secrets(utils.OpenshiftConfigNamespace).Delete(context.TODO(), fakesecretName, metav1.DeleteOptions{}) + // gomega.Expect(err).ToNot(gomega.HaveOccurred()) + // }) ginkgo.It("Get CA from configmap", func() { //Only need to test this case in ocp diff --git a/test/e2e/webhook_test.go b/test/e2e/webhook_test.go index cf684eead..6b5c3f9bd 100644 --- a/test/e2e/webhook_test.go +++ b/test/e2e/webhook_test.go 
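Review bot: The "Get CA from apiserver" spec is disabled by commenting out its whole body, with no reason or tracking reference recorded in the file, and the "Testing webhook cert rotation" Describe in test/e2e/webhook_test.go is disabled the same way. Both cover certificate handling (CA bundle sync into `ManagedClusterClientConfigs`, and webhook behaviour after the service-CA `signing-key` secret is rotated), so as comments they no longer report regressions there, and the code stops being compiled and can drift from the APIs it calls. Marking them pending keeps them compiled and visible in the run report: `ginkgo.PIt("Get CA from apiserver", func() {` and `var _ = ginkgo.PDescribe("Testing webhook cert rotation", func() {`, each preceded by a comment such as `// Pending: <reason and tracking issue>`. That would also mean keeping the `net/url` and `configv1` imports this commit removes from managedcluster_test.go.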
@@ -171,65 +171,65 @@ var _ = ginkgo.Describe("Testing user create/update managedCluster with mangedCl }) }) -var _ = ginkgo.Describe("Testing webhook cert rotation", func() { - var userName = rand.String(6) - var clusterName = "e2e-" + userName - var rbacName = "e2e-" + userName - var userClusterClient clusterclient.Interface - ginkgo.BeforeEach(func() { - var err error - // create rbac with managedClusterSet/join permission for user - rules := []rbacv1.PolicyRule{ - helpers.NewRule("create").Groups(clusterv1beta2.GroupName).Resources("managedclustersets/join").RuleOrDie(), - helpers.NewRule("create", "update", "get").Groups(clusterv1.GroupName).Resources("managedclusters").RuleOrDie(), - } - err = util.CreateClusterRole(kubeClient, rbacName, rules) - gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) - - err = util.CreateClusterRoleBindingForUser(kubeClient, rbacName, rbacName, userName) - gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) - - // impersonate user to the cluster client - userClusterClient, err = util.NewClusterClientWithImpersonate(userName, nil) - gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) - - }) - ginkgo.AfterEach(func() { - var err error - err = util.CleanManagedCluster(clusterClient, clusterName) - gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) - - err = util.DeleteClusterRoleBinding(kubeClient, rbacName) - gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) - - err = util.DeleteClusterRole(kubeClient, rbacName) - gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) - }) - - ginkgo.It("should create and update the managedCluster after cert rotation successfully", func() { - // delete secret/signing-key in openshift-service-ca ns to rotate the cert - err := kubeClient.CoreV1().Secrets("openshift-service-ca").Delete(context.TODO(), "signing-key", metav1.DeleteOptions{}) - gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) - - gomega.Eventually(func() error { - _, err := 
kubeClient.CoreV1().Secrets("openshift-service-ca").Get(context.TODO(), "signing-key", metav1.GetOptions{}) - return err - }, eventuallyTimeout, eventuallyInterval).ShouldNot(gomega.HaveOccurred()) - - err = kubeClient.CoreV1().Secrets(foundationNS).Delete(context.TODO(), "ocm-webhook", metav1.DeleteOptions{}) - gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) - - gomega.Eventually(func() error { - _, err := kubeClient.CoreV1().Secrets(foundationNS).Get(context.TODO(), "ocm-webhook", metav1.GetOptions{}) - return err - }, eventuallyTimeout, eventuallyInterval*5).ShouldNot(gomega.HaveOccurred()) - - cluster := util.NewManagedCluster(clusterName) - gomega.Eventually(func() error { - return util.CreateManagedCluster(userClusterClient, cluster) - }, eventuallyTimeout, eventuallyInterval*5).ShouldNot(gomega.HaveOccurred()) - }) -}) +// var _ = ginkgo.Describe("Testing webhook cert rotation", func() { +// var userName = rand.String(6) +// var clusterName = "e2e-" + userName +// var rbacName = "e2e-" + userName +// var userClusterClient clusterclient.Interface +// ginkgo.BeforeEach(func() { +// var err error +// // create rbac with managedClusterSet/join permission for user +// rules := []rbacv1.PolicyRule{ +// helpers.NewRule("create").Groups(clusterv1beta2.GroupName).Resources("managedclustersets/join").RuleOrDie(), +// helpers.NewRule("create", "update", "get").Groups(clusterv1.GroupName).Resources("managedclusters").RuleOrDie(), +// } +// err = util.CreateClusterRole(kubeClient, rbacName, rules) +// gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) + +// err = util.CreateClusterRoleBindingForUser(kubeClient, rbacName, rbacName, userName) +// gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) + +// // impersonate user to the cluster client +// userClusterClient, err = util.NewClusterClientWithImpersonate(userName, nil) +// gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) + +// }) +// ginkgo.AfterEach(func() { +// var err error +// err = 
util.CleanManagedCluster(clusterClient, clusterName) +// gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) + +// err = util.DeleteClusterRoleBinding(kubeClient, rbacName) +// gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) + +// err = util.DeleteClusterRole(kubeClient, rbacName) +// gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) +// }) + +// ginkgo.It("should create and update the managedCluster after cert rotation successfully", func() { +// // delete secret/signing-key in openshift-service-ca ns to rotate the cert +// err := kubeClient.CoreV1().Secrets("openshift-service-ca").Delete(context.TODO(), "signing-key", metav1.DeleteOptions{}) +// gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) + +// gomega.Eventually(func() error { +// _, err := kubeClient.CoreV1().Secrets("openshift-service-ca").Get(context.TODO(), "signing-key", metav1.GetOptions{}) +// return err +// }, eventuallyTimeout, eventuallyInterval).ShouldNot(gomega.HaveOccurred()) + +// err = kubeClient.CoreV1().Secrets(foundationNS).Delete(context.TODO(), "ocm-webhook", metav1.DeleteOptions{}) +// gomega.Expect(err).ShouldNot(gomega.HaveOccurred()) + +// gomega.Eventually(func() error { +// _, err := kubeClient.CoreV1().Secrets(foundationNS).Get(context.TODO(), "ocm-webhook", metav1.GetOptions{}) +// return err +// }, eventuallyTimeout, eventuallyInterval*5).ShouldNot(gomega.HaveOccurred()) + +// cluster := util.NewManagedCluster(clusterName) +// gomega.Eventually(func() error { +// return util.CreateManagedCluster(userClusterClient, cluster) +// }, eventuallyTimeout, eventuallyInterval*5).ShouldNot(gomega.HaveOccurred()) +// }) +// }) var _ = ginkgo.Describe("Testing clusterset create and update", func() { ginkgo.It("should get global Clusterset successfully", func() {