diff options
author | Petr Viktorin <pviktori@redhat.com> | 2013-03-14 13:58:27 +0100 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2013-04-02 15:28:50 +0200 |
commit | 03a2c66eda695ad2d4bfe675fa2902035e6b37f0 (patch) | |
tree | 6f497733efb8da696a82730f455ad4b6310bb612 /ipaserver/install/httpinstance.py | |
parent | a03aba5704036e375fab36ed2b7cbbc31adf5411 (diff) | |
download | freeipa-03a2c66eda695ad2d4bfe675fa2902035e6b37f0.tar.gz freeipa-03a2c66eda695ad2d4bfe675fa2902035e6b37f0.tar.xz freeipa-03a2c66eda695ad2d4bfe675fa2902035e6b37f0.zip |
Support installing with custom SSL certs, without a CA
Design: http://freeipa.org/page/V3/CA-less_install
https://fedorahosted.org/freeipa/ticket/3363
Diffstat (limited to 'ipaserver/install/httpinstance.py')
-rw-r--r-- | ipaserver/install/httpinstance.py | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index 59782cb6f..458112fa0 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -61,7 +61,10 @@ class HTTPInstance(service.Service): subject_base = ipautil.dn_attribute_property('_subject_base') - def create_instance(self, realm, fqdn, domain_name, dm_password=None, autoconfig=True, pkcs12_info=None, self_signed_ca=False, subject_base=None, auto_redirect=True): + def create_instance(self, realm, fqdn, domain_name, dm_password=None, + autoconfig=True, pkcs12_info=None, + self_signed_ca=False, subject_base=None, + auto_redirect=True): self.fqdn = fqdn self.realm = realm self.domain = domain_name @@ -247,10 +250,13 @@ class HTTPInstance(service.Service): raise RuntimeError("Could not find a suitable server cert in import in %s" % self.pkcs12_info[0]) db.create_password_conf() + # We only handle one server cert nickname = server_certs[0][0] self.dercert = db.get_cert_from_db(nickname, pem=False) - db.track_server_cert(nickname, self.principal, db.passwd_fname, 'restart_httpd') + + if api.env.enable_ra: + db.track_server_cert(nickname, self.principal, db.passwd_fname, 'restart_httpd') self.__set_mod_nss_nickname(nickname) else: |