ipa-server-upgrade script fails with the error: "[X509: KEY_VALUES_MISMATCH] key values mismatch (_ssl.c:2554)"
Issue
ipa-server-upgrade script fails with the following errors in /var/log/ipaupgrade.log :
ipa.ipaserver.install.ipa_server_upgrade.ServerUpgrade: DEBUG: The ipa-server-upgrade command failed, exception: NetworkError: cannot connect to 'https://ipa01.example.com:8443/ca/rest/account/login': [X509: KEY_VALUES_MISMATCH] key values mismatch (_ssl.c:2554)
ipa.ipaserver.install.ipa_server_upgrade.ServerUpgrade: ERROR: Unexpected error - see /var/log/ipaupgrade.log for details:
NetworkError: cannot connect to 'https://ipa01.example.com:8443/ca/rest/account/login': [X509: KEY_VALUES_MISMATCH] key values mismatch (_ssl.c:2554)
ipa.ipaserver.install.ipa_server_upgrade.ServerUpgrade: ERROR: The ipa-server-upgrade command failed. See /var/log/ipaupgrade.log for more information
2017-12-04T06:25:01Z DEBUG client_certificate: /var/lib/ipa/ra-agent.pem || client_keyfile: /var/lib/ipa/ra-agent.key
2017-12-04T06:25:01Z DEBUG httplib request failed:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/ipapython/dogtag.py", line 204, in _httplib_request
conn = connection_factory(host, port)
File "/usr/lib/python2.7/site-packages/ipapython/dogtag.py", line 158, in connection_factory
tls_version_max=api.env.tls_version_max)
File "/usr/lib/python2.7/site-packages/ipalib/util.py", line 330, in create_https_connection
ctx.load_cert_chain(client_certfile, client_keyfile, passwd)
SSLError: [X509: KEY_VALUES_MISMATCH] key values mismatch (_ssl.c:2554)
Environment
- Red Hat Enterprise Linux 7.4
- ipa-server-4.5.0-21.el7_4.2.2
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.