Show progress when enabling SSL in DS in ipa-server-install output.

Reviewed-By: Petr Viktorin <pviktori@redhat.com>
2025-02-25 18:55:28 -06:00 · 2013-10-15 17:30:14 +00:00 · 2013-10-15 17:30:14 +00:00 · def727ce56
commit def727ce56
parent 51caf48ed9
2 changed files with 12 additions and 7 deletions
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@ -1110,7 +1110,6 @@ def main():

    # we now need to enable ssl on the ds
    ds.enable_ssl()
-    ds.restart()

    if setup_ca:
        # We need to ldap_enable the CA now that DS is up and running
@ -1120,9 +1119,6 @@ def main():
        # This is done within stopped_service context, which restarts CA
        ca.enable_client_auth_to_db()

-    # Upload the CA cert to the directory
-    ds.upload_ca_cert()
-
    krb = krbinstance.KrbInstance(fstore)
    if options.pkinit_pkcs12:
        krb.create_instance(realm_name, host_name, domain_name,
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@ -274,7 +274,7 @@ class DsInstance(service.Service):
        self.step("creating indices", self.__create_indices)
        self.step("enabling referential integrity plugin", self.__add_referint_module)
        if enable_ssl:
-            self.step("configuring ssl for ds instance", self.enable_ssl)
+            self.step("configuring ssl for ds instance", self.__enable_ssl)
        self.step("configuring certmap.conf", self.__certmap_conf)
        self.step("configure autobind for root", self.__root_autobind)
        self.step("configure new location for managed entries", self.__repoint_managed_entries)
@ -338,6 +338,15 @@ class DsInstance(service.Service):

        self.start_creation(runtime=60)

+    def enable_ssl(self):
+        self.steps = []
+
+        self.step("configuring ssl for ds instance", self.__enable_ssl)
+        self.step("restarting directory server", self.__restart_instance)
+        self.step("adding CA certificate entry", self.__upload_ca_cert)
+
+        self.start_creation(runtime=10)
+
    def create_replica(self, realm_name, master_fqdn, fqdn,
                       domain_name, dm_password, subject_base,
                       pkcs12_info=None, ca_file=None, ca_is_configured=None):
@ -609,7 +618,7 @@ class DsInstance(service.Service):
    def generate_random(self):
        return ipautil.ipa_generate_password()

-    def enable_ssl(self):
+    def __enable_ssl(self):
        dirname = config_dirname(self.serverid)
        dsdb = certs.CertDB(self.realm, nssdir=dirname, subject_base=self.subject_base)
        if self.pkcs12_info:
@ -667,7 +676,7 @@ class DsInstance(service.Service):
        # check for open secure port 636 from now on
        self.open_ports.append(636)

-    def upload_ca_cert(self):
+    def __upload_ca_cert(self):
        """
        Upload the CA certificate from the NSS database to the LDAP directory.
        """