mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
Fix cert file creation during CA-less installation
When writing extracted certs and keys to the file, we opened the same file at a different spot but the original file position indicator would not be moved when the certificate is written there. The result is that the certificate gets rewritten by the private key. This commit fixes it. Fixes: https://pagure.io/freeipa/issue/7118 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com> Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
This commit is contained in:
parent
477b3dca80
commit
7a86ff5d9b
@ -581,7 +581,8 @@ class NSSDatabase(object):
|
||||
if extracted_key:
|
||||
with tempfile.NamedTemporaryFile() as in_file, \
|
||||
tempfile.NamedTemporaryFile() as out_file:
|
||||
x509.write_certificate_list(extracted_certs, in_file.name)
|
||||
for cert in extracted_certs:
|
||||
in_file.write(cert.public_bytes(x509.Encoding.PEM))
|
||||
in_file.write(extracted_key)
|
||||
in_file.flush()
|
||||
out_password = ipautil.ipa_generate_password()
|
||||
|
Loading…
Reference in New Issue
Block a user