diff options
author | Rob Crittenden <rcritten@redhat.com> | 2010-09-20 13:35:32 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2010-09-24 15:30:41 -0400 |
commit | 2951901d1e85d5d787baea5934fdee7fe9a6dcb8 (patch) | |
tree | da502fbec81c720e875db17a294223fdf0abec85 | |
parent | ed56112023fb308a31149b3297fb826fd69deac8 (diff) | |
download | freeipa-2951901d1e85d5d787baea5934fdee7fe9a6dcb8.tar.gz freeipa-2951901d1e85d5d787baea5934fdee7fe9a6dcb8.tar.xz freeipa-2951901d1e85d5d787baea5934fdee7fe9a6dcb8.zip |
Properly handle CertificateOperationErrors in replication prepration.
The problem here was two-fold: the certs manager was raising an
error it didn't know about and ipa-replica-prepare wasn't catching it.
ticket 249
-rwxr-xr-x | install/tools/ipa-replica-prepare | 12 | ||||
-rw-r--r-- | ipaserver/install/certs.py | 1 |
2 files changed, 11 insertions, 2 deletions
diff --git a/install/tools/ipa-replica-prepare b/install/tools/ipa-replica-prepare index 87a3ae4ce..6e9d649ae 100755 --- a/install/tools/ipa-replica-prepare +++ b/install/tools/ipa-replica-prepare @@ -283,7 +283,11 @@ def main(): print "Copy failed %s" % e sys.exit(1) print "Creating SSL certificate for the Directory Server" - export_certdb(api.env.realm, ds_dir, dir, passwd_fname, "dscert", replica_fqdn, subject_base) + try: + export_certdb(api.env.realm, ds_dir, dir, passwd_fname, "dscert", replica_fqdn, subject_base) + except errors.CertificateOperationError, e: + print "%s" % e + sys.exit(1) if options.http_pin: passwd = options.http_pin @@ -304,7 +308,11 @@ def main(): sys.exit(1) else: print "Creating SSL certificate for the Web Server" - export_certdb(api.env.realm, ds_dir, dir, passwd_fname, "httpcert", replica_fqdn, subject_base) + try: + export_certdb(api.env.realm, ds_dir, dir, passwd_fname, "httpcert", replica_fqdn, subject_base) + except errors.CertificateOperationError, e: + print "%s" % e + sys.exit(1) print "Exporting RA certificate" export_ra_pkcs12(dir, dirman_password) diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py index c8e1d17d5..a9891fbd5 100644 --- a/ipaserver/install/certs.py +++ b/ipaserver/install/certs.py @@ -37,6 +37,7 @@ from ipalib import pkcs10 from ConfigParser import RawConfigParser import service from ipalib import x509 +from ipalib.errors import CertificateOperationError from nss.error import NSPRError import nss.nss as nss |