diff options
author | Jan Cholasta <jcholast@redhat.com> | 2014-09-24 19:22:59 +0200 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2014-09-30 10:01:38 +0200 |
commit | da24d8a6e7a8f63e9fd6a603f658cff6cb784996 (patch) | |
tree | cd6a5f37baab6eb3789b2324a235fc9a1ccff07a | |
parent | 05e66264a92d85d83b6ac43340461e5ae686304d (diff) | |
download | freeipa-da24d8a6e7a8f63e9fd6a603f658cff6cb784996.tar.gz freeipa-da24d8a6e7a8f63e9fd6a603f658cff6cb784996.tar.xz freeipa-da24d8a6e7a8f63e9fd6a603f658cff6cb784996.zip |
Fix certmonger search for the CA cert in ipa-certupdate and ipa-cacert-manage
The search criteria did not include the CA agent name.
https://fedorahosted.org/freeipa/ticket/3259
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
-rw-r--r-- | ipa-client/ipaclient/ipa_certupdate.py | 1 | ||||
-rw-r--r-- | ipaserver/install/ipa_cacert_manage.py | 7 |
2 files changed, 6 insertions, 2 deletions
diff --git a/ipa-client/ipaclient/ipa_certupdate.py b/ipa-client/ipaclient/ipa_certupdate.py index fd6c80df8..ff16b9b7a 100644 --- a/ipa-client/ipaclient/ipa_certupdate.py +++ b/ipa-client/ipaclient/ipa_certupdate.py @@ -120,6 +120,7 @@ class CertUpdate(admintool.AdminTool): criteria = { 'cert-database': dogtag_constants.ALIAS_DIR, 'cert-nickname': nickname, + 'ca-name': 'dogtag-ipa-ca-renew-agent', } request_id = certmonger.get_request_id(criteria) if request_id is not None: diff --git a/ipaserver/install/ipa_cacert_manage.py b/ipaserver/install/ipa_cacert_manage.py index 1acc62340..a521e3965 100644 --- a/ipaserver/install/ipa_cacert_manage.py +++ b/ipaserver/install/ipa_cacert_manage.py @@ -149,8 +149,11 @@ class CACertManage(admintool.AdminTool): raise admintool.ScriptError("CA is not configured on this system") nss_dir = ca.dogtag_constants.ALIAS_DIR - criteria = {'cert-database': nss_dir, - 'cert-nickname': self.cert_nickname} + criteria = { + 'cert-database': nss_dir, + 'cert-nickname': self.cert_nickname, + 'ca-name': 'dogtag-ipa-ca-renew-agent', + } self.request_id = certmonger.get_request_id(criteria) if self.request_id is None: raise admintool.ScriptError( |