Point to correct location of self-signed CA and set pw on 389-DS cert db

The CA was moved from residing in the DS NSS database into the Apache database to support a self-signed CA certificate plugin. This was not updated in the installer boilerplate. The DS db wasn't getting a password set on it. Go ahead and set one.
2024-12-23 07:33:27 -06:00 · 2009-11-18 17:51:28 -05:00 · 2009-11-18 17:51:28 -05:00 · 986c4e23e7
commit 986c4e23e7
parent 87d93e2c74
2 changed files with 3 additions and 3 deletions
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@ -836,8 +836,8 @@ def main():

    print ""
    if not options.dirsrv_pkcs12:
-        print "Be sure to back up the CA certificate stored in " + dsinstance.config_dirname(ds.serverid) + "cacert.p12"
-        print "The password for this file is in " + dsinstance.config_dirname(ds.serverid) + "pwdfile.txt"
+        print "Be sure to back up the CA certificate stored in /etc/httpd/alias/cacert.p12"
+        print "The password for this file is in /etc/httpd/alias/pwdfile.txt"
    else:
        print "In order for Firefox autoconfiguration to work you will need to"
        print "use a SSL signing certificate. See the IPA documentation for more details."
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@ -340,7 +340,7 @@ class DsInstance(service.Service):
            cadb = certs.CertDB(httpinstance.NSS_DIR, host_name=self.host_name)
            if self.self_signed_ca:
                cadb.create_self_signed()
-                dsdb.create_from_cacert(cadb.cacert_fname)
+                dsdb.create_from_cacert(cadb.cacert_fname, passwd=None)
                dsdb.create_server_cert("Server-Cert", self.host_name, cadb)
                dsdb.create_pin_file()
            else: