diff options
author | Petr Viktorin <pviktori@redhat.com> | 2012-11-15 09:38:24 -0500 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2013-05-31 10:26:07 +0200 |
commit | 34ba1b7060a9f5271c4f59bca7bfb689335e1c47 (patch) | |
tree | e63ced8ce58243773f1c240d68956c944d194d79 /install/tools/ipa-server-install | |
parent | b21abc76caac8b251f708e77da7c8c7046fa22a7 (diff) | |
download | freeipa-34ba1b7060a9f5271c4f59bca7bfb689335e1c47.tar.gz freeipa-34ba1b7060a9f5271c4f59bca7bfb689335e1c47.tar.xz freeipa-34ba1b7060a9f5271c4f59bca7bfb689335e1c47.zip |
Remove code to install Dogtag 9
Since we depend on Dogtag 10 now, there is no need to keep code
that installs a Dogtag 9 CA.
Support for upgraded Dogtag-9-style instances is left in.
https://fedorahosted.org/freeipa/ticket/3529
Diffstat (limited to 'install/tools/ipa-server-install')
-rwxr-xr-x | install/tools/ipa-server-install | 20 |
1 files changed, 2 insertions, 18 deletions
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 992da90c1..62adbd5bc 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -1009,13 +1009,6 @@ def main(): if setup_ca: - if not dogtag.install_constants.SHARED_DB: - cs = cainstance.CADSInstance( - host_name, realm_name, domain_name, dm_password) - if not cs.is_configured(): - cs.create_instance(realm_name, host_name, domain_name, - dm_password, subject_base=options.subject) - ca = cainstance.CAInstance(realm_name, certs.NSS_DIR, dogtag_constants=dogtag.install_constants) if external == 0: @@ -1055,17 +1048,8 @@ def main(): # We need to ldap_enable the CA now that DS is up and running ca.ldap_enable('CA', host_name, dm_password, ipautil.realm_to_suffix(realm_name)) - if not dogtag.install_constants.SHARED_DB: - # Turn on SSL in the dogtag LDAP instance. This will get restarted - # later, we don't need SSL now. - cs.create_certdb() - cs.enable_ssl() - # Add the IPA service for storing the PKI-IPA server certificate. - cs.add_simple_service(cs.principal) - cs.add_cert_to_service() - else: - ca.enable_client_auth_to_db() - ca.restart() + ca.enable_client_auth_to_db() + ca.restart() # Upload the CA cert to the directory ds.upload_ca_cert() |