certupdate: don't update HTTPD NSS db

Since mod_ssl is using the /etc/ipa/ca.crt for its source of the CA chain, we don't need to update the HTTPD NSS database anymore (since it does not really exist). https://pagure.io/freeipa/issue/3757 Reviewed-By: Christian Heimes <cheimes@redhat.com> Reviewed-By: Stanislav Laznicka <slaznick@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2025-02-25 18:55:28 -06:00 · 2018-02-02 11:30:59 +01:00
parent 60aa2c3b38
commit c85bf376f0
1 changed files with 0 additions and 1 deletions
--- a/ipaclient/install/ipa_certupdate.py
+++ b/ipaclient/install/ipa_certupdate.py
@@ -150,7 +150,6 @@ def update_server(certs):
    if services.knownservices.dirsrv.is_running():
        services.knownservices.dirsrv.restart(instance)

-    update_db(paths.HTTPD_ALIAS_DIR, certs)
    if services.knownservices.httpd.is_running():
        services.knownservices.httpd.restart()