diff --git a/ipapython/dogtag.py b/ipapython/dogtag.py index ec3f2beb8..ea769b027 100644 --- a/ipapython/dogtag.py +++ b/ipapython/dogtag.py @@ -184,7 +184,7 @@ def get_ca_certchain(ca_host=None, dogtag_constants=None): return chain -def ca_status(ca_host=None): +def ca_status(ca_host=None, use_proxy=True): """Return the status of the CA, and the httpd proxy in front of it The returned status can be: @@ -194,9 +194,13 @@ def ca_status(ca_host=None): """ if ca_host is None: ca_host = api.env.ca_host - # Use port 443 to test the proxy as well + if use_proxy: + # Use port 443 to test the proxy as well + ca_port = 443 + else: + ca_port = 8443 status, reason, headers, body = unauthenticated_https_request( - ca_host, 443, '/ca/admin/ca/getStatus') + ca_host, ca_port, '/ca/admin/ca/getStatus') if status == 503: # Service temporarily unavailable return reason diff --git a/ipapython/platform/fedora16/service.py b/ipapython/platform/fedora16/service.py index 36e7a31c4..edf2d7ff8 100644 --- a/ipapython/platform/fedora16/service.py +++ b/ipapython/platform/fedora16/service.py @@ -143,17 +143,18 @@ class Fedora16CAService(Fedora16Service): # Unfortunately, knownservices.httpd.is_installed() can return # false positives, so check for existence of our configuration file. # TODO: Use a cleaner solution + use_proxy = True if not (os.path.exists('/etc/httpd/conf.d/ipa.conf') and os.path.exists('/etc/httpd/conf.d/ipa-pki-proxy.conf')): root_logger.debug( - 'The httpd proxy is not installed, skipping wait for CA') - return + 'The httpd proxy is not installed, wait on local port') + use_proxy = False root_logger.debug('Waiting until the CA is running') timeout = api.env.startup_timeout op_timeout = time.time() + timeout while time.time() < op_timeout: try: - status = dogtag.ca_status() + status = dogtag.ca_status(use_proxy=use_proxy) except Exception: status = 'check interrupted' root_logger.debug('The CA status is: %s' % status)