Description of problem: RHEL5.2 with ipa-client packages from RHEL5.9. The "ipa-client-install" procedure fails trying to download the certificate from an ipa server like this: # wget -O /tmp/ca.crt https://vmlbcipal01.idm.lvtc.gsnet.corp/ipa/config/ca.crt --12:16:15-- https://vmlbcipal01.idm.lvtc.gsnet.corp/ipa/config/ca.crt Resolving vmlbcipal01.idm.lvtc.gsnet.corp... 180.133.135.31 Connecting to vmlbcipal01.idm.lvtc.gsnet.corp|180.133.135.31|:443... connected. OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol Unable to establish SSL connection. Version-Release number of selected component (if applicable): ipa-client-2.1.3-5.el5_9.2 How reproducible: Run ipa-client-install in RHEL5.2 with ipa-client (and dependencies) from RHEL5.9 Steps to Reproduce: 1. Fresh RHEL5.2 2. ipa-client packages from RHEL5.9 3. Run ipa-client-install Actual results: Fails getting the certificate Expected results: Get the certificate and continue the enrollment process Additional info: Updating openssl to openssl-0.9.8e-26.el5_9.1 solves this (I don't know if a less updated version works too)
This Bugzilla has been reviewed by Red Hat and is not planned on being addressed in Red Hat Enterprise Linux 5, and therefore will be closed. If this bug is critical to production systems, please contact your Red Hat support representative and provide sufficient business justification.