summaryrefslogtreecommitdiffstats
path: root/install/restart_scripts
diff options
context:
space:
mode:
authorJan Cholasta <jcholast@redhat.com>2014-06-12 11:29:57 +0200
committerPetr Viktorin <pviktori@redhat.com>2014-07-30 16:04:21 +0200
commit9e223e6fd4f16213355c64cd2524500c689210ff (patch)
tree941707dc24d1946151e3d8068596b6c5e70bfab3 /install/restart_scripts
parent6f01499419e31383d8d97b806b15639aab7f0197 (diff)
downloadfreeipa-9e223e6fd4f16213355c64cd2524500c689210ff.tar.gz
freeipa-9e223e6fd4f16213355c64cd2524500c689210ff.tar.xz
freeipa-9e223e6fd4f16213355c64cd2524500c689210ff.zip
Upload renewed CA cert to certificate store on renewal.
Part of https://fedorahosted.org/freeipa/ticket/3259 Part of https://fedorahosted.org/freeipa/ticket/3520 Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Diffstat (limited to 'install/restart_scripts')
-rw-r--r--install/restart_scripts/renew_ca_cert9
1 files changed, 2 insertions, 7 deletions
diff --git a/install/restart_scripts/renew_ca_cert b/install/restart_scripts/renew_ca_cert
index b66cfa292..69d79338d 100644
--- a/install/restart_scripts/renew_ca_cert
+++ b/install/restart_scripts/renew_ca_cert
@@ -29,7 +29,7 @@ import traceback
from ipapython import dogtag, certmonger, ipautil
from ipapython.dn import DN
-from ipalib import api, errors, x509, util
+from ipalib import api, errors, x509, certstore
from ipaserver.install import certs, cainstance, installutils
from ipaserver.plugins.ldap2 import ldap2
from ipaplatform import services
@@ -103,13 +103,8 @@ def main():
conn = ldap2(shared_instance=False, ldap_uri=api.env.ldap_uri)
conn.connect(ccache=ccache)
- dn = DN(('cn', 'CAcert'), ('cn', 'ipa'), ('cn', 'etc'),
- api.env.basedn)
try:
- entry = conn.get_entry(
- dn, attrs_list=['cACertificate;binary'])
- entry['cACertificate;binary'] = [cert]
- conn.update_entry(entry)
+ certstore.update_ca_cert(conn, api.env.basedn, cert)
except errors.EmptyModlist:
pass
generated by cgit (git 2.34.1) at 2024-05-26 03:59:54 +0000