IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-26 16:16:31 -06:00
Code Issues Packages Projects Releases Wiki Activity

install: fix reported external CA configuration

Browse Source 
The installer reports the CA configuration that will be used,
including whether the CA is self-signed or externally-signed.

Installation with external CA takes two steps. The first step
correctly reports the externally signed configuration (like the
above), but the second step reports a self-signed configuration.

The CA *is* externally signed, but the configuration gets reported
incorrectly at step 2.  This could confuse the administrator.  Fix
the message.

Fixes: https://pagure.io/freeipa/issue/7523
Reviewed-By: Christian Heimes <cheimes@redhat.com>
This commit is contained in:
Fraser Tweedale 2018-05-02 12:07:02 +10:00 committed by Christian Heimes
parent c925b44f43
commit 6659392a0a
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ipaserver/install/ca.py
View File

@ -105,9 +105,13 @@ def print_ca_configuration(options):
print("The CA will be configured with:")
print("Subject DN: {}".format(options.ca_subject))
print("Subject base: {}".format(options.subject_base))
print("Chaining: {}".format(
"externally signed (two-step installation)" if options.external_ca
else "self-signed"))
if options.external_ca:
chaining = "externally signed (two-step installation)"
elif options.external_cert_files:
chaining = "externally signed"
else:
chaining = "self-signed"
print("Chaining: {}".format(chaining))
def install_check(standalone, replica_config, options):