IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-27 16:46:42 -06:00
Code Issues Packages Projects Releases Wiki Activity

Use DN objects for Dogtag configuration

Browse Source 
Use our DN objects for generating DNs, instead of relying on
string operations.
This commit is contained in:
Petr Viktorin 2012-12-05 07:00:21 -05:00 committed by Rob Crittenden
parent dae4ea4c7e
commit 2bdffa4375
1 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
ipaserver/install/cainstance.py
View File

@ -656,7 +656,8 @@ class CAInstance(service.Service):
config.set("CA", "pki_admin_email", "root@localhost")
config.set("CA", "pki_admin_password", self.admin_password)
config.set("CA", "pki_admin_nickname", "ipa-ca-agent")
config.set("CA", "pki_admin_subject_dn", "CN=ipa-ca-agent,%s" % self.subject_base)
config.set("CA", "pki_admin_subject_dn",
str(DN(('cn', 'ipa-ca-agent'), self.subject_base)))
# Directory server
config.set("CA", "pki_ds_ldap_port", str(self.ds_port))
@ -665,11 +666,16 @@ class CAInstance(service.Service):
config.set("CA", "pki_ds_database", "ipaca")
# Certificate subject DN's
config.set("CA", "pki_subsystem_subject_dn", "CN=CA Subsystem,%s" % self.subject_base)
config.set("CA", "pki_ocsp_signing_subject_dn", "CN=OCSP Subsystem,%s" % self.subject_base)
config.set("CA", "pki_ssl_server_subject_dn", "CN=%s,%s" % (self.fqdn, self.subject_base))
config.set("CA", "pki_audit_signing_subject_dn", "CN=CA Audit,%s" % self.subject_base)
config.set("CA", "pki_ca_signing_subject_dn", "CN=Certificate Authority,%s" % self.subject_base)
config.set("CA", "pki_subsystem_subject_dn",
str(DN(('cn', 'CA Subsystem'), self.subject_base)))
config.set("CA", "pki_ocsp_signing_subject_dn",
str(DN(('cn', 'OCSP Subsystem'), self.subject_base)))
config.set("CA", "pki_ssl_server_subject_dn",
str(DN(('cn', self.fqdn), self.subject_base)))
config.set("CA", "pki_audit_signing_subject_dn",
str(DN(('cn', 'CA Audit'), self.subject_base)))
config.set("CA", "pki_ca_signing_subject_dn",
str(DN(('cn', 'Certificate Authority'), self.subject_base)))
# Certificate nicknames
config.set("CA", "pki_subsystem_nickname", "subsystemCert cert-pki-ca")