diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2015-07-15 14:15:49 +0200 |
---|---|---|
committer | Petr Vobornik <pvoborni@redhat.com> | 2015-07-16 15:33:43 +0200 |
commit | 26dee66d1bf05aac5af5f82862ce54585ccde7e4 (patch) | |
tree | 11575da717bdb4c6e7c105a8e6962bf9079478ad /ipaserver/install/ca.py | |
parent | 9083c528f75a958df062a9521729f30b65e5e551 (diff) | |
download | freeipa-26dee66d1bf05aac5af5f82862ce54585ccde7e4.tar.gz freeipa-26dee66d1bf05aac5af5f82862ce54585ccde7e4.tar.xz freeipa-26dee66d1bf05aac5af5f82862ce54585ccde7e4.zip |
ipa-ca-install: print more specific errors when CA is already installed
This patch implements a more thorough checking for already installed CAs
during standalone CA installation using ipa-ca-install. The installer now
differentiates between CA that is already installed locally and CA installed
on one or more masters in topology and prints an appropriate error message.
https://fedorahosted.org/freeipa/ticket/4492
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipaserver/install/ca.py')
-rw-r--r-- | ipaserver/install/ca.py | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/ipaserver/install/ca.py b/ipaserver/install/ca.py index 498cc48a7..39f4435e2 100644 --- a/ipaserver/install/ca.py +++ b/ipaserver/install/ca.py @@ -45,8 +45,16 @@ def install_check(standalone, replica_config, options): return - if standalone and api.Command.ca_is_enabled()['result']: - sys.exit("CA is already installed.\n") + if standalone: + if cainstance.is_ca_installed_locally(): + sys.exit("CA is already installed on this host.") + elif api.Command.ca_is_enabled()['result']: + sys.exit( + "One or more CA masters are already present in IPA realm " + "'%s'.\nIf you wish to replicate CA to this host, please " + "re-run 'ipa-ca-install'\nwith a replica file generated on " + "an existing CA master as argument." % realm_name + ) if options.external_cert_files: if not cainstance.is_step_one_done(): |