Identify CAs to trust from an imported PKCS#12 file

We used to use certutil -O to determine the cert chain to trust. This behavior changed in F-11 such that untrusted CAs are not displayed. This is only used when we import PKCS#12 files so use pk12util -l to display the list of certs and keys in the file to determine the nickname(s) of the CAs to trust. 509111
author: Rob Crittenden <rcritten@redhat.com> 2009-07-24 09:29:33 -0400
committer: Jason Gerard DeRose <jderose@redhat.com> 2009-07-27 16:04:53 -0600
commit: 5bbe1108d50f855842493ff0ef88b5eef2a4f7a6 (patch)
tree: 3d82fd32daadca8178d39becf19b5c945d256b22 /ipaserver/install/httpinstance.py
parent: 5767c6b37d68e645bce5666ec803570e12e22560 (diff)
download: freeipa-5bbe1108d50f855842493ff0ef88b5eef2a4f7a6.tar.gz
freeipa-5bbe1108d50f855842493ff0ef88b5eef2a4f7a6.tar.xz
freeipa-5bbe1108d50f855842493ff0ef88b5eef2a4f7a6.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index bf9267376..ba9de6138 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -172,6 +172,7 @@ class HTTPInstance(service.Service):
             if len(server_certs) == 0:
                 raise RuntimeError("Could not find a suitable server cert in import in %s" % pkcs12_info[0])
 
+            db.create_password_conf()
             # We only handle one server cert
             nickname = server_certs[0][0]
author	Rob Crittenden <rcritten@redhat.com>	2009-07-24 09:29:33 -0400
committer	Jason Gerard DeRose <jderose@redhat.com>	2009-07-27 16:04:53 -0600
commit	5bbe1108d50f855842493ff0ef88b5eef2a4f7a6 (patch)
tree	3d82fd32daadca8178d39becf19b5c945d256b22 /ipaserver/install/httpinstance.py
parent	5767c6b37d68e645bce5666ec803570e12e22560 (diff)
download	freeipa-5bbe1108d50f855842493ff0ef88b5eef2a4f7a6.tar.gz freeipa-5bbe1108d50f855842493ff0ef88b5eef2a4f7a6.tar.xz freeipa-5bbe1108d50f855842493ff0ef88b5eef2a4f7a6.zip