cainstall: add dm_password to CA installation

Installation of Certificate Server replica requires directory manager password. Specify it explicitly in function call and pass it in through an argument. https://fedorahosted.org/freeipa/ticket/6461 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
2024-12-26 17:01:14 -06:00 · 2016-10-19 09:44:35 +02:00 · 2016-10-19 09:44:35 +02:00 · 7a1c0db989
commit 7a1c0db989
parent 9fca820b6b
3 changed files with 4 additions and 1 deletions
--- a/install/tools/ipa-ca-install
+++ b/install/tools/ipa-ca-install
@ -192,6 +192,7 @@ def install_replica(safe_options, options, filename):
        CA = cainstance.CAInstance(config.realm_name, certs.NSS_DIR,
                                   host_name=config.host_name)
        CA.configure_replica(config.ca_host_name,
+                             config.dirman_password,
                             subject_base=config.subject_base,
                             ca_cert_bundle=ca_data)
        # Install CA DNS records
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@ -1317,7 +1317,7 @@ class CAInstance(DogtagInstance):
        basedn = ipautil.realm_to_suffix(self.realm)
        self.ldap_enable('CA', self.fqdn, None, basedn)

-    def configure_replica(self, master_host, subject_base=None,
+    def configure_replica(self, master_host, dm_password, subject_base=None,
                          ca_cert_bundle=None, ca_signing_algorithm=None,
                          ca_type=None):
        """Creates a replica CA, creating a local DS backend and using
@ -1325,6 +1325,7 @@ class CAInstance(DogtagInstance):
        Requires domain_level >= DOMAIN_LEVEL_1 and custodia on the master.
        """
        self.master_host = master_host
+        self.dm_password = dm_password
        self.master_replication_port = 389
        if subject_base is None:
            self.subject_base = DN(('O', self.realm))
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@ -1516,6 +1516,7 @@ def promote(installer):
        ca = cainstance.CAInstance(config.realm_name, certs.NSS_DIR,
                                   host_name=config.host_name)
        ca.configure_replica(config.ca_host_name,
+                             config.dirman_password,
                             subject_base=config.subject_base,
                             ca_cert_bundle=ca_data)