Due to some changes in the API, cert-show fails for old clients.
cert-show
Reproducible: 100%
Steps to reproduce: 1. Install FreeIPA of version 4.4 or older 2. Install an old client on RHEL 6.9 or so 3. Issue cert-show 1 on the old client
cert-show 1
Expected result: Some proper output of the cert-show command
Actual result:
# ipa cert-show 1 ipa: ERROR: non-public: ValueError: cert_show.validate_output(): unexpected keys ['summary', 'value'] in {'result': {'serial_number_hex': u'0x1', 'revoked': False, 'certificate': u'<BASE64_ENCODED_CERT>', 'issuer': u'CN=Certificate Authority,O=REALM.COM', 'valid_not_before': u'Thu Jul 20 12:12:24 2017 UTC', 'valid_not_after': u'Mon Jul 20 12:12:24 2037 UTC', 'serial_number': 1, 'cacn': u'ipa', 'subject': u'CN=Certificate Authority,O=REALM.COM'}, 'value': u'1', 'summary': None} Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/ipalib/backend.py", line 129, in execute result = self.Command[_name](*args, **options) File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 449, in __call__ self.validate_output(ret) File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 930, in validate_output nice, sorted(extra), output) ValueError: cert_show.validate_output(): unexpected keys ['summary', 'value'] in {'result': {'serial_number_hex': u'0x1', 'revoked': False, 'certificate': u'<BASE64_ENCODED_CERT>', 'issuer': u'CN=Certificate Authority,O=REALM.COM', 'valid_not_before': u'Thu Jul 20 12:12:24 2017 UTC', 'valid_not_after': u'Mon Jul 20 12:12:24 2037 UTC', 'serial_number': 1, 'cacn': u'ipa', 'subject': u'CN=Certificate Authority,O=REALM.COM'}, 'value': u'1', 'summary': None} ipa: ERROR: an internal error has occurred
Possible cause: https://pagure.io/freeipa/c/d44ffdad4285bf2a1c0b044e07ef1b18c7d50de1
Metadata Update from @pvoborni: - Issue set to the milestone: FreeIPA 4.5.4
Metadata Update from @tkrizek: - Issue set to the milestone: FreeIPA 4.5.5 (was: FreeIPA 4.5.4)
Still occurs against a 4.7.x master.
Login to comment on this ticket.