cannot upgrade freeipa-server

probably a bug in dogtag, dunno..

I think I do not have this problem anymore. There are still problems in upgrading from pre-releases to 4.7.1 (see #1800631), but probably for different reasons.

Status changed to 'Confirmed' because the bug affects multiple users.

Just tried upgrade from current Bionic (4.7.0~pre1+git20180411-2ubuntu2) to a local build from Disco sources (4.7.2-1ubuntu1). Commented out ONLY_CLIENT=1 in debian/rules to build the server packages.

After fixing some minor issues*, the upgrade goes through until "RemoteRetrieveError: Failed to authenticate to CA REST API" happens at the step "Migrating certificate profiles to LDAP".

I've looked all over but couldn't find a fix or workaround. Has this been solved? Can I help?

BTW: suggest retitling this bug to "cannot upgrade freeipa-server: Failed to authenticate to CA REST API.

*) Will report separately, with patches.

there is no dogtag-pki in 19.04, so you can't do that

> there is no dogtag-pki in 19.04, so you can't do that

I'm aware. I built the package from Disco sources with the server packages enabled (ONLY_CLIENT=0), thinking that would be the closest to what will go into 20.04 LTS.

As I'm rolling out a fresh deployment, I could either go with Bionic and upgrade a live deployment to 20.04 LTS next year, or "slide into it" from pre-release packages while considering my deployment tentative (and possibly having to restart from scratch).

I'd like to go for the second, but I suppose starting from Disco source isn't the way to do this?

BTW, just did a fresh install of the Disco 4.7.2 (+ server) packages, and they work just fine. The issue is/was in the upgrade.

closing old bugs related to the server as we haven't had it available for a while