IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-27 09:21:59 -06:00
Code Issues Packages Projects Releases Wiki Activity
530da69ead
freeipa/ipaserver/install/server
History
Christian Heimes 530da69ead Fix KRA replica installation from CA master 
ipa-replica-install --kra-install can fail when the topology already has
a KRA, but replica is installed from a master with just CA. In that
case, Custodia may pick a machine that doesn't have the KRA auditing and
signing certs in its NSSDB.

Example:
 * master with CA
 * replica1 with CA and KRA
 * new replica gets installed from master

The replica installer now always picks a KRA peer.

The change fixes test scenario TestInstallWithCA1::()::test_replica2_ipa_dns_install

Fixes: https://pagure.io/freeipa/issue/7518
See: https://pagure.io/freeipa/issue/7008
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2018-07-19 15:44:46 +02:00
..
__init__.py install: validate AD trust-related options in installers 2018-04-17 14:28:45 +02:00
install.py Delay enabling services until end of installer 2018-07-06 13:26:43 +02:00
replicainstall.py Fix KRA replica installation from CA master 2018-07-19 15:44:46 +02:00
upgrade.py Fix pylint 2.0 return-related violations 2018-07-11 10:11:38 +02:00