diff options
author | Simo Sorce <ssorce@redhat.com> | 2010-11-01 13:51:14 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2010-11-18 15:09:31 -0500 |
commit | 74ba0cc7c1bdb9c560324a68c16593755bcda5d8 (patch) | |
tree | 13165adebe5ee440606b76e735e49787fb94657a /ipaserver/install/dsinstance.py | |
parent | 775fc23738d8a882bdd9cff9064b50594901e518 (diff) | |
download | freeipa-74ba0cc7c1bdb9c560324a68c16593755bcda5d8.tar.gz freeipa-74ba0cc7c1bdb9c560324a68c16593755bcda5d8.tar.xz freeipa-74ba0cc7c1bdb9c560324a68c16593755bcda5d8.zip |
Use Realm as certs subject base name
Also use the realm name as nickname for the CA certificate
Diffstat (limited to 'ipaserver/install/dsinstance.py')
-rw-r--r-- | ipaserver/install/dsinstance.py | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 89613bc31..48b6f551e 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -404,7 +404,7 @@ class DsInstance(service.Service): def __enable_ssl(self): dirname = config_dirname(self.serverid) - dsdb = certs.CertDB(dirname, subject_base=self.subject_base) + dsdb = certs.CertDB(dirname, self.realm_name, subject_base=self.subject_base) if self.pkcs12_info: dsdb.create_from_pkcs12(self.pkcs12_info[0], self.pkcs12_info[1]) server_certs = dsdb.find_server_certs() @@ -416,7 +416,7 @@ class DsInstance(service.Service): self.dercert = dsdb.get_cert_from_db(nickname) else: nickname = "Server-Cert" - cadb = certs.CertDB(httpinstance.NSS_DIR, host_name=self.fqdn, subject_base=self.subject_base) + cadb = certs.CertDB(httpinstance.NSS_DIR, self.realm_name, host_name=self.fqdn, subject_base=self.subject_base) if self.self_signed_ca: cadb.create_self_signed() dsdb.create_from_cacert(cadb.cacert_fname, passwd=None) @@ -529,7 +529,7 @@ class DsInstance(service.Service): # drop the trailing / off the config_dirname so the directory # will match what is in certmonger dirname = config_dirname(serverid)[:-1] - dsdb = certs.CertDB(dirname) + dsdb = certs.CertDB(dirname, self.realm_name) dsdb.untrack_server_cert("Server-Cert") erase_ds_instance_data(serverid) @@ -571,7 +571,7 @@ class DsInstance(service.Service): self.stop() dirname = config_dirname(realm_to_serverid(self.realm_name)) - certdb = certs.CertDB(dirname, subject_base=self.subject_base) + certdb = certs.CertDB(dirname, self.realm_name, subject_base=self.subject_base) if not cacert_name or len(cacert_name) == 0: cacert_name = "Imported CA" # we can't pass in the nickname, so we set the instance variable |