Fix cert_request for KDC cert

ca_kdc_check() expects an API object, not an LDAP connection. Issue was introduced in commit 8f4abf7bc1. See: https://pagure.io/freeipa/issue/6739 Fixes: https://pagure.io/freeipa/issue/8686 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2025-02-25 18:55:28 -06:00 · 2021-01-29 09:42:01 +01:00
parent 24a5d4d06b
commit 98a88bd719
1 changed files with 1 additions and 1 deletions
--- a/ipaserver/plugins/cert.py
+++ b/ipaserver/plugins/cert.py
@@ -875,7 +875,7 @@ class cert_request(Create, BaseCertMethod, VirtualCommand):
                            "with subject alt name '%s'.") % name)
                if not bypass_caacl:
                    if principal_type == KRBTGT:
-                        ca_kdc_check(ldap, alt_principal.hostname)
+                        ca_kdc_check(self.api, alt_principal.hostname)
                    else:
                        caacl_check(alt_principal, ca, profile_id)