IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-28 18:01:23 -06:00
Code Issues Packages Projects Releases Wiki Activity

Import CA certs from certificate store to HTTP NSS database on server install.

Browse Source 
Part of https://fedorahosted.org/freeipa/ticket/3259
Part of https://fedorahosted.org/freeipa/ticket/3520

Reviewed-By: Rob Crittenden <rcritten@redhat.com>
This commit is contained in:
Jan Cholasta 2014-06-12 10:24:24 +02:00 committed by Petr Viktorin
parent 82d682fa64
commit 6f01499419
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ipaserver/install/httpinstance.py
View File

@ -111,6 +111,7 @@ class HTTPInstance(service.Service):
self.step("adding URL rewriting rules", self.__add_include)
self.step("configuring httpd", self.__configure_http)
self.step("setting up ssl", self.__setup_ssl)
self.step("importing CA certificates from LDAP", self.__import_ca_certs)
if autoconfig:
self.step("setting up browser autoconfig", self.__setup_autoconfig)
self.step("publish CA cert", self.__publish_ca_cert)
@ -315,6 +316,10 @@ class HTTPInstance(service.Service):
tasks.restore_context(certs.NSS_DIR + "/cert8.db")
tasks.restore_context(certs.NSS_DIR + "/key3.db")
def __import_ca_certs(self):
db = certs.CertDB(self.realm, subject_base=self.subject_base)
self.import_ca_certs(db, api.env.enable_ra)
def __setup_autoconfig(self):
target_fname = paths.PREFERENCES_HTML
ipautil.copy_template_file(