replica install: track the RA agent certificate again

During the rebase of commit 822e1bc82a on top of commit 808b1436b4, the call to track the RA agent certificate with certmonger was accidentally removed from ipa-replica-install. Put the call back so that the certificate is tracked after replica install. https://fedorahosted.org/freeipa/ticket/6392 Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
2025-02-25 18:55:28 -06:00 · 2016-11-30 12:25:24 +01:00
parent ed9645b2ac
commit 4221266562
1 changed files with 5 additions and 1 deletions
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -646,7 +646,7 @@ class CAInstance(DogtagInstance):
                                   'NSS_ENABLE_PKIX_VERIFY', '1',
                                   quotes=False, separator='=')

-    def import_ra_cert(self, rafile, configure_renewal=True):
+    def import_ra_cert(self, rafile):
        """
        Cloned RAs will use the same RA agent cert as the master so we
        need to import from a PKCS#12 file.
@@ -662,11 +662,15 @@ class CAInstance(DogtagInstance):
        finally:
            os.remove(agent_name)

+        self.configure_agent_renewal()
+
    def __import_ra_key(self):
        custodia = custodiainstance.CustodiaInstance(host_name=self.fqdn,
                                                     realm=self.realm)
        custodia.import_ra_key(self.master_host)

+        self.configure_agent_renewal()
+
    def __create_ca_agent(self):
        """
        Create CA agent, assign a certificate, and add the user to