IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-27 09:21:59 -06:00
Code Issues Packages Projects Releases Wiki Activity

cainstall: add dm_password to CA installation

Browse Source 
Installation of Certificate Server replica requires directory manager
password. Specify it explicitly in function call and pass it in
through an argument.

https://fedorahosted.org/freeipa/ticket/6461

Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
This commit is contained in:
Tomas Krizek 2016-10-19 09:44:35 +02:00 committed by Martin Basti
parent 9fca820b6b
commit 7a1c0db989
3 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
install/tools/ipa-ca-install
View File

@ -192,6 +192,7 @@ def install_replica(safe_options, options, filename):
CA = cainstance.CAInstance(config.realm_name, certs.NSS_DIR,
host_name=config.host_name)
CA.configure_replica(config.ca_host_name,
config.dirman_password,
subject_base=config.subject_base,
ca_cert_bundle=ca_data)
# Install CA DNS records

3
ipaserver/install/cainstance.py
View File

@ -1317,7 +1317,7 @@ class CAInstance(DogtagInstance):
basedn = ipautil.realm_to_suffix(self.realm)
self.ldap_enable('CA', self.fqdn, None, basedn)
def configure_replica(self, master_host, subject_base=None,
def configure_replica(self, master_host, dm_password, subject_base=None,
ca_cert_bundle=None, ca_signing_algorithm=None,
ca_type=None):
"""Creates a replica CA, creating a local DS backend and using
@ -1325,6 +1325,7 @@ class CAInstance(DogtagInstance):
Requires domain_level >= DOMAIN_LEVEL_1 and custodia on the master.
"""
self.master_host = master_host
self.dm_password = dm_password
self.master_replication_port = 389
if subject_base is None:
self.subject_base = DN(('O', self.realm))

1
ipaserver/install/server/replicainstall.py
View File

@ -1516,6 +1516,7 @@ def promote(installer):
ca = cainstance.CAInstance(config.realm_name, certs.NSS_DIR,
host_name=config.host_name)
ca.configure_replica(config.ca_host_name,
config.dirman_password,
subject_base=config.subject_base,
ca_cert_bundle=ca_data)