diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2009-04-13 13:39:15 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2009-04-20 14:01:00 -0400 |
| commit | 9182c10b03a7841c9318ad64ae6c5deda77d93d1 (patch) | |
| tree | 75f7d73a2d1bab18686ddc9e31fe876401c633fe /install | |
| parent | fdf03cb07b6d75eb3cdffbe4cf21cb510134c26d (diff) | |
| download | freeipa-9182c10b03a7841c9318ad64ae6c5deda77d93d1.tar.gz freeipa-9182c10b03a7841c9318ad64ae6c5deda77d93d1.tar.xz freeipa-9182c10b03a7841c9318ad64ae6c5deda77d93d1.zip | |
Issue DS and Apache server certs during CA installation.
Notes:
- will create a CA instance (pki-ca) if it doesn't exist
- maintains support for a self-signed CA
- A signing cert is still not created so Firefox autoconfig still won't work
Diffstat (limited to 'install')
| -rwxr-xr-x | install/tools/ipa-server-install | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index cefdbf85e..da7fdc788 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -42,6 +42,7 @@ from ipaserver.install import krbinstance from ipaserver.install import bindinstance from ipaserver.install import httpinstance from ipaserver.install import ntpinstance +from ipaserver.install import certs from ipaserver.install import service from ipapython import version @@ -512,6 +513,12 @@ def main(): print >> sys.stderr, "Import failed: %s" % sys.exc_value sys.exit(1) + # Clean up any previous self-signed CA that may exist + try: + os.remove(certs.CA_SERIALNO) + except: + pass + cs = cainstance.CADSInstance() cs.create_instance("dirsrv", realm_name, host_name, domain_name, dm_password) ca = cainstance.CAInstance() @@ -526,7 +533,7 @@ def main(): finally: os.remove(pw_name) else: - ds.create_instance(ds_user, realm_name, host_name, domain_name, dm_password) + ds.create_instance(ds_user, realm_name, host_name, domain_name, dm_password, self_signed_ca=not options.ca) # Create a kerberos instance krb = krbinstance.KrbInstance(fstore) @@ -545,7 +552,7 @@ def main(): http.create_instance(realm_name, host_name, domain_name, autoconfig=False, pkcs12_info=pkcs12_info) os.remove(pw_name) else: - http.create_instance(realm_name, host_name, domain_name, autoconfig=True) + http.create_instance(realm_name, host_name, domain_name, autoconfig=True, self_signed_ca=not options.ca) # Create the config file fstore.backup_file("/etc/ipa/ipa.conf") |