IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-23 07:33:27 -06:00
Code Issues Packages Projects Releases Wiki Activity

Initialize the api so imports work, trust all CAs included in the PKCS#12.

Browse Source
This commit is contained in:
Rob Crittenden 2010-03-10 11:02:50 -05:00 committed by Jason Gerard DeRose
parent 00f27fe8c9
commit 99cb2fe64a
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
install/tools/ipa-server-certinstall
View File

@ -31,6 +31,7 @@ from ipapython.ipautil import user_input
from ipaserver import ipaldap
from ipaserver.install import certs, dsinstance, httpinstance, installutils
from ipalib import api
def get_realm_name():
c = krbV.default_context()
@ -100,6 +101,7 @@ def import_cert(dirname, pkcs12_fname, pkcs12_passwd, db_password):
try:
try:
cdb.import_pkcs12(pkcs12_fname, pw_name)
ca_names = cdb.find_root_cert_from_pkcs12(pkcs12_fname, pw_name)
except RuntimeError, e:
print str(e)
sys.exit(1)
@ -115,13 +117,19 @@ def import_cert(dirname, pkcs12_fname, pkcs12_passwd, db_password):
else:
server_cert = choose_server_cert(server_certs)
cdb.trust_root_cert(server_cert[0])
for ca in ca_names:
cdb.trust_root_cert(ca)
return server_cert
def main():
options, pkcs12_fname = parse_options()
cfg = dict(in_server=True,)
api.bootstrap(**cfg)
api.finalize()
try:
if options.dirsrv:
dm_password = getpass.getpass("Directory Manager password: ")