IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-27 16:46:42 -06:00
Code Issues Packages Projects Releases Wiki Activity
7,060 Commits 11 Branches 59 Tags 60 MiB
8f286d5c51
Commit Graph

13 Commits

Author SHA1 Message Date
Jan Cholasta
fea7163e87 Move CACERT definition to a single place. 
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
 2014-03-25 16:54:54 +01:00
Petr Spacek
dd55e13aa9 Clarify error message about missing DNS component in ipa-replica-prepare. 
https://fedorahosted.org/freeipa/ticket/4188

Reviewed-By: Petr Viktorin <pviktori@redhat.com>
 2014-02-21 16:04:20 +01:00
Jan Cholasta
08051f1651 Convert remaining installer code to LDAPEntry API. 2014-01-24 20:29:31 +01:00
Jan Cholasta
194556beb0 Allow PKCS#12 files with empty password in install tools. 
https://fedorahosted.org/freeipa/ticket/3897
 2013-10-04 10:27:23 +02:00
Jan Cholasta
c123264ac7 Read passwords from stdin when importing PKCS#12 files with pk12util. 
This works around pk12util refusing to use empty password files, which prevents
the use of PKCS#12 files with empty password.

https://fedorahosted.org/freeipa/ticket/3897
 2013-10-04 10:27:23 +02:00
Tomas Babej
edf92f7650 Remove redundant shebangs 
Remove redundant shebangs from files that are not used as scripts.

https://fedorahosted.org/freeipa/ticket/3853
 2013-08-26 13:03:32 +02:00
Jan Cholasta
ab2debd1ea Ask for PKCS#12 password interactively in ipa-replica-prepare. 
https://fedorahosted.org/freeipa/ticket/3717
 2013-07-24 10:00:03 +02:00
Ana Krivokapic
c1e9b6fa1d Make sure replication works after DM password is changed 
Replica information file contains the file `cacert.p12` which is protected by
the Directory Manager password of the initial IPA server installation. The DM
password of the initial installation is also used for the PKI admin user
password.

If the DM password is changed after the IPA server installation, the replication
fails.

To prevent this failure, add the following steps to ipa-replica-prepare:
1. Regenerate the `cacert.p12` file and protect it with the current DM password
2. Update the password of the PKI admin user with the current DM password

https://fedorahosted.org/freeipa/ticket/3594
 2013-07-11 12:39:29 +03:00
Petr Vobornik
f5bc155f56 Create Firefox configuration extension on CA-less install 
Create:
* kerberosauth.xpi
* krb.js

even when --http_pkcs12 option is used.

https://fedorahosted.org/freeipa/ticket/3747
 2013-06-27 16:01:52 +02:00
Petr Viktorin
e736e75ce9 Drop --selfsign server functionality 
Design: http://freeipa.org/page/V3/Drop_selfsign_functionality
Ticket: https://fedorahosted.org/freeipa/ticket/3494
 2013-04-15 16:56:12 -04:00
Petr Viktorin
1bc892c02d Load the CA cert into server NSS databases 
The CA cert was not loaded, so if it was missing from the PKCS#12 file,
installation would fail.
Pass the cert filename to the server installers and include it in
the NSS DB.

Part of the work for: https://fedorahosted.org/freeipa/ticket/3363
 2013-04-02 15:28:50 +02:00
Petr Viktorin
03a2c66eda Support installing with custom SSL certs, without a CA 
Design: http://freeipa.org/page/V3/CA-less_install
https://fedorahosted.org/freeipa/ticket/3363
 2013-04-02 15:28:50 +02:00
Petr Viktorin
26c498736e Port ipa-replica-prepare to the admintool framework 
Break the script into several smaller methods.

Use modern idioms: os.path.join instead of string addition; the with statement
for closing files.

Add --quiet, --verbose, and --log-file options. Use logging instead of print
statements. (http://freeipa.org/page/V3/Logging_and_output)

Part of: https://fedorahosted.org/freeipa/ticket/2652
Fixes: https://fedorahosted.org/freeipa/ticket/3285
 2013-02-01 13:44:59 -05:00