Move RA agent certificate file export to a different location

HTTPS connection to certificate server requires client authentication so we need a file with client certificate and private key prior to its first occurence which happens during migration of certificate profiles to LDAP. https://fedorahosted.org/freeipa/ticket/5695 https://fedorahosted.org/freeipa/ticket/6392 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
2025-02-25 18:55:28 -06:00 · 2017-01-02 17:00:00 +01:00
parent dfd560a190
commit 2a1494c9ae
8 changed files with 17 additions and 19 deletions
--- a/ipaserver/install/krainstance.py
+++ b/ipaserver/install/krainstance.py
@@ -36,8 +36,7 @@ from ipapython.dn import DN
 from ipaserver.install import cainstance
 from ipaserver.install import installutils
 from ipaserver.install import ldapupdate
-from ipaserver.install.dogtaginstance import (export_kra_agent_pem,
-                                              DogtagInstance)
+from ipaserver.install.dogtaginstance import DogtagInstance
 from ipaserver.plugins import ldap2
 from ipapython.ipa_log_manager import log_mgr

@@ -118,7 +117,6 @@ class KRAInstance(DogtagInstance):
            if not self.clone:
                self.step("create KRA agent",
                          self.__create_kra_agent)
-        self.step("exporting KRA agent cert", export_kra_agent_pem)
        if not ra_only:
            if promote:
                self.step("destroying installation admin user", self.teardown_admin)
@@ -285,9 +283,6 @@ class KRAInstance(DogtagInstance):
            os.remove(cfg_file)

        shutil.move(paths.KRA_BACKUP_KEYS_P12, paths.KRACERT_P12)
-
-        export_kra_agent_pem()
-
        self.log.debug("completed creating KRA instance")

    def __create_kra_agent(self):