summaryrefslogtreecommitdiffstats
path: root/ipaserver/install/httpinstance.py
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2009-07-24 09:29:33 -0400
committerJason Gerard DeRose <jderose@redhat.com>2009-07-27 16:04:53 -0600
commit5bbe1108d50f855842493ff0ef88b5eef2a4f7a6 (patch)
tree3d82fd32daadca8178d39becf19b5c945d256b22 /ipaserver/install/httpinstance.py
parent5767c6b37d68e645bce5666ec803570e12e22560 (diff)
downloadfreeipa-5bbe1108d50f855842493ff0ef88b5eef2a4f7a6.zip
freeipa-5bbe1108d50f855842493ff0ef88b5eef2a4f7a6.tar.gz
freeipa-5bbe1108d50f855842493ff0ef88b5eef2a4f7a6.tar.xz
Identify CAs to trust from an imported PKCS#12 file
We used to use certutil -O to determine the cert chain to trust. This behavior changed in F-11 such that untrusted CAs are not displayed. This is only used when we import PKCS#12 files so use pk12util -l to display the list of certs and keys in the file to determine the nickname(s) of the CAs to trust. 509111
Diffstat (limited to 'ipaserver/install/httpinstance.py')
-rw-r--r--ipaserver/install/httpinstance.py1
1 files changed, 1 insertions, 0 deletions
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index bf92673..ba9de61 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -172,6 +172,7 @@ class HTTPInstance(service.Service):
if len(server_certs) == 0:
raise RuntimeError("Could not find a suitable server cert in import in %s" % pkcs12_info[0])
+ db.create_password_conf()
# We only handle one server cert
nickname = server_certs[0][0]