mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
Fix to ipa-ca-install asking for host principal password
With a ca_cert_file specified in options, the nss_db was used before the certificates from the file were added to it, which caused an exception that led to fallback to ssh which is broken. https://fedorahosted.org/freeipa/ticket/5965 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
This commit is contained in:
parent
06d945a046
commit
0db48e4d04
@ -462,10 +462,6 @@ def main():
|
||||
nss_dir = paths.IPA_NSSDB_DIR
|
||||
|
||||
with certdb.NSSDatabase(nss_dir) as nss_db:
|
||||
api.bootstrap(context='client', xmlrpc_uri=xmlrpc_uri,
|
||||
nss_dir=nss_db.secdir)
|
||||
api.finalize()
|
||||
|
||||
if options.ca_cert_file:
|
||||
nss_dir = nss_db.secdir
|
||||
|
||||
@ -483,6 +479,9 @@ def main():
|
||||
else:
|
||||
nss_dir = None
|
||||
|
||||
api.bootstrap(context='client', xmlrpc_uri=xmlrpc_uri,
|
||||
nss_dir=nss_db.secdir)
|
||||
api.finalize()
|
||||
try:
|
||||
api.Backend.rpcclient.connect()
|
||||
api.Command.ping()
|
||||
|
Loading…
Reference in New Issue
Block a user