diff options
author | Rob Crittenden <rcritten@redhat.com> | 2009-07-24 09:29:33 -0400 |
---|---|---|
committer | Jason Gerard DeRose <jderose@redhat.com> | 2009-07-27 16:04:53 -0600 |
commit | 5bbe1108d50f855842493ff0ef88b5eef2a4f7a6 (patch) | |
tree | 3d82fd32daadca8178d39becf19b5c945d256b22 /ipaserver/install/httpinstance.py | |
parent | 5767c6b37d68e645bce5666ec803570e12e22560 (diff) | |
download | freeipa-5bbe1108d50f855842493ff0ef88b5eef2a4f7a6.tar.gz freeipa-5bbe1108d50f855842493ff0ef88b5eef2a4f7a6.tar.xz freeipa-5bbe1108d50f855842493ff0ef88b5eef2a4f7a6.zip |
Identify CAs to trust from an imported PKCS#12 file
We used to use certutil -O to determine the cert chain to trust. This
behavior changed in F-11 such that untrusted CAs are not displayed.
This is only used when we import PKCS#12 files so use pk12util -l to
display the list of certs and keys in the file to determine the nickname(s)
of the CAs to trust.
509111
Diffstat (limited to 'ipaserver/install/httpinstance.py')
-rw-r--r-- | ipaserver/install/httpinstance.py | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index bf9267376..ba9de6138 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -172,6 +172,7 @@ class HTTPInstance(service.Service): if len(server_certs) == 0: raise RuntimeError("Could not find a suitable server cert in import in %s" % pkcs12_info[0]) + db.create_password_conf() # We only handle one server cert nickname = server_certs[0][0] |