After applying changes we see that the update fails at the 1st pre-check.
This mentions it fails on the job pks-api.
You are unable to login to VM after update or upgrade:
Error: Failed to communicate with the TKGI API.
ubuntu@###.###.###.###:~$ tkgi login -a api.server.pks.com -u admin -k
Error: Post https://api.server.pks.com:8443/oauth/token: dial tcp ###.###.###.###:8443: connect: connection refused
The update or upgrade to deployment fails with:
Error: Action Failed get_task: Task 225f25af-0515-42c8-4365-47cbac77b6eb result: 1 of 6 pre-start scripts failed. Failed Jobs: pks-api. Successful Jobs: bpm, bosh-dns, syslog_forwarder, bosh-update-config, uaa.
The pre-start.stderr.log shows the error message:
x509 certificate routines:X509_check_private_key: key values mismatch:../crypto/x509/x509_cmp.c:405:
There is some kind of mismatch located with the pks-api certificate
Double-check the certificate located:
If these certificates do not match correct this or generate a new certificate to match and apply the change.