Replace only the cert instead of the whole NSS DB in ipa-server-certinstall.

https://fedorahosted.org/freeipa/ticket/3641
author: Jan Cholasta <jcholast@redhat.com> 2013-07-15 08:12:14 +0000
committer: Petr Viktorin <pviktori@redhat.com> 2013-08-20 16:18:59 +0200
commit: f2c3ae36f939199e4d5bb3ea2c27c984708aae13 (patch)
tree: 9d101f3b477b8fc13e5cc50af2e35b1387704b9e /ipaserver/install/certs.py
parent: 809123ab0224b14e360428188837d2555f954297 (diff)
download: freeipa-f2c3ae36f939199e4d5bb3ea2c27c984708aae13.tar.gz
freeipa-f2c3ae36f939199e4d5bb3ea2c27c984708aae13.tar.xz
freeipa-f2c3ae36f939199e4d5bb3ea2c27c984708aae13.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py
index 7ad4c5087..f1b92fdbe 100644
--- a/ipaserver/install/certs.py
+++ b/ipaserver/install/certs.py
@@ -245,6 +245,9 @@ class NSSDatabase(object):
                             "-a"],
                             stdin=cert)
 
+    def delete_cert(self, nick):
+        self.run_certutil(["-D", "-n", nick])
+
     def verify_server_cert_validity(self, nickname, hostname):
         """Verify a certificate is valid for a SSL server with given hostname
 
@@ -715,6 +718,9 @@ class CertDB(object):
                 "-f", self.passwd_fname]
         self.run_certutil(args)
 
+    def delete_cert(self, nickname):
+        self.nssdb.delete_cert(nickname)
+
     def create_pin_file(self):
         """
         This is the format of Directory Server pin files.
author	Jan Cholasta <jcholast@redhat.com>	2013-07-15 08:12:14 +0000
committer	Petr Viktorin <pviktori@redhat.com>	2013-08-20 16:18:59 +0200
commit	f2c3ae36f939199e4d5bb3ea2c27c984708aae13 (patch)
tree	9d101f3b477b8fc13e5cc50af2e35b1387704b9e /ipaserver/install/certs.py
parent	809123ab0224b14e360428188837d2555f954297 (diff)
download	freeipa-f2c3ae36f939199e4d5bb3ea2c27c984708aae13.tar.gz freeipa-f2c3ae36f939199e4d5bb3ea2c27c984708aae13.tar.xz freeipa-f2c3ae36f939199e4d5bb3ea2c27c984708aae13.zip