summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Kosek <mkosek@redhat.com>2011-07-14 14:09:53 +0200
committerRob Crittenden <rcritten@redhat.com>2011-07-14 22:36:53 -0400
commitd802aa57f16e3267b4db739721a56e041e5f888e (patch)
treee5bd63dfcf490160e08b012c72f174ee5f021be3
parentaece880d8f53d3f641a5a1ca3df494eb352117b1 (diff)
downloadfreeipa-d802aa57f16e3267b4db739721a56e041e5f888e.tar.gz
freeipa-d802aa57f16e3267b4db739721a56e041e5f888e.tar.xz
freeipa-d802aa57f16e3267b4db739721a56e041e5f888e.zip
Fix self-signed replica installation
When a replica for self-signed server is being installed, the installer crashes with "Not a dogtag CA installation". Make sure that installation is handled correctly for both dogtag and self-signed replicas. https://fedorahosted.org/freeipa/ticket/1479
-rwxr-xr-xinstall/tools/ipa-ca-install4
-rw-r--r--ipaserver/install/cainstance.py4
2 files changed, 6 insertions, 2 deletions
diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install
index edd8f4cfd..e6adae057 100755
--- a/install/tools/ipa-ca-install
+++ b/install/tools/ipa-ca-install
@@ -134,6 +134,10 @@ def main():
# Configure the CA if necessary
(CA, cs) = cainstance.install_replica_ca(config, postinstall=True)
+ if not CA:
+ # not a dogtag CA replica
+ sys.exit("Not a dogtag CA installation!")
+
# We need to ldap_enable the CA now that DS is up and running
CA.ldap_enable('CA', config.host_name, config.dirman_password,
util.realm_to_suffix(config.realm_name))
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 4ace26db5..fbc566a28 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -1109,8 +1109,8 @@ def install_replica_ca(config, postinstall=False):
cafile = config.dir + "/cacert.p12"
if not ipautil.file_exists(cafile):
- # not a dogtag CA replica
- sys.exit('Not a dogtag CA installation')
+ # self-signed replica
+ return (None, None)
if not config.setup_ca:
# We aren't configuring the CA in this step but we still need