diff options
author | Rob Crittenden <rcritten@redhat.com> | 2011-06-08 10:54:41 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-06-21 19:09:50 -0400 |
commit | dd69c7dbe68e8f8674994a54ea913f2dd2e52c32 (patch) | |
tree | 5fdc303354eb26a1d2cd206c81babdc73e8d51b9 /ipaserver/install/dsinstance.py | |
parent | 3a36eced53e540fe8f2b23eadf7dffda080324de (diff) | |
download | freeipa-dd69c7dbe68e8f8674994a54ea913f2dd2e52c32.tar.gz freeipa-dd69c7dbe68e8f8674994a54ea913f2dd2e52c32.tar.xz freeipa-dd69c7dbe68e8f8674994a54ea913f2dd2e52c32.zip |
Make data type of certificates more obvious/predictable internally.
For the most part certificates will be treated as being in DER format.
When we load a certificate we will generally accept it in any format but
will convert it to DER before proceeding in normalize_certificate().
This also re-arranges a bit of code to pull some certificate-specific
functions out of ipalib/plugins/service.py into ipalib/x509.py.
This also tries to use variable names to indicate what format the certificate
is in at any given point:
dercert: DER
cert: PEM
nsscert: a python-nss Certificate object
rawcert: unknown format
ticket 32
Diffstat (limited to 'ipaserver/install/dsinstance.py')
-rw-r--r-- | ipaserver/install/dsinstance.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 845e1e253..574a5afd8 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -379,7 +379,7 @@ class DsInstance(service.Service): logging.debug("completed creating ds instance") except ipautil.CalledProcessError, e: logging.critical("failed to restart ds instance %s" % e) - + # check for open port 389 from now on self.open_ports.append(389) @@ -517,7 +517,7 @@ class DsInstance(service.Service): # We only handle one server cert nickname = server_certs[0][0] - self.dercert = dsdb.get_cert_from_db(nickname) + self.dercert = dsdb.get_cert_from_db(nickname, pem=False) dsdb.track_server_cert(nickname, self.principal, dsdb.passwd_fname) else: nickname = "Server-Cert" |