diff options
author | Jan Cholasta <jcholast@redhat.com> | 2014-06-12 11:16:52 +0200 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2014-07-30 16:04:21 +0200 |
commit | 88706c56745faa430ff00d2f1c5f0605b5af29ef (patch) | |
tree | b7d607829b878c9f71e1fb1ca8eff0ec5548d071 /ipaserver/install/ipa_cacert_manage.py | |
parent | feecdb4cdcc237af02d2469b6c7d66e40320394c (diff) | |
download | freeipa-88706c56745faa430ff00d2f1c5f0605b5af29ef.tar.gz freeipa-88706c56745faa430ff00d2f1c5f0605b5af29ef.tar.xz freeipa-88706c56745faa430ff00d2f1c5f0605b5af29ef.zip |
Add new add_cert method for adding certificates to NSSDatabase and CertDB.
Replace all uses of NSSDatabase method add_single_pem_cert with add_cert and
remove add_single_pem_cert.
Part of https://fedorahosted.org/freeipa/ticket/3259
Part of https://fedorahosted.org/freeipa/ticket/3520
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Diffstat (limited to 'ipaserver/install/ipa_cacert_manage.py')
-rw-r--r-- | ipaserver/install/ipa_cacert_manage.py | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/ipaserver/install/ipa_cacert_manage.py b/ipaserver/install/ipa_cacert_manage.py index 8f09c858c..bf2a55b0d 100644 --- a/ipaserver/install/ipa_cacert_manage.py +++ b/ipaserver/install/ipa_cacert_manage.py @@ -216,21 +216,17 @@ class CACertManage(admintool.AdminTool): with certs.NSSDatabase() as tmpdb: pw = ipautil.write_tmp_file(ipautil.ipa_generate_password()) tmpdb.create_db(pw.name) - tmpdb.add_single_pem_cert( - 'IPA CA', 'C,,', x509.make_pem(base64.b64encode(old_cert))) + tmpdb.add_cert(old_cert, 'IPA CA', 'C,,') try: - tmpdb.add_single_pem_cert( - 'IPA CA', 'C,,', x509.make_pem(base64.b64encode(cert))) + tmpdb.add_cert(cert, 'IPA CA', 'C,,') except ipautil.CalledProcessError, e: raise admintool.ScriptError( "Not compatible with the current CA certificate: %s", e) ca_certs = x509.load_certificate_chain_from_file(ca_filename) for ca_cert in ca_certs: - tmpdb.add_single_pem_cert( - str(ca_cert.subject), 'C,,', - x509.make_pem(base64.b64encode(ca_cert.der_data))) + tmpdb.add_cert(ca_cert.der_data, str(ca_cert.subject), 'C,,') del ca_certs del ca_cert |