diff options
author | Jan Cholasta <jcholast@redhat.com> | 2013-10-15 17:25:34 +0000 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2014-03-25 16:54:54 +0100 |
commit | 9b3055ca4123062044871a1cc72b4c10cab1eeb5 (patch) | |
tree | 905372c3fefce38fc2a2fb12095e4849070d9268 /ipaserver/install | |
parent | 48539b35d78f8872fc2996e045987bcfa6ab7db7 (diff) | |
download | freeipa-9b3055ca4123062044871a1cc72b4c10cab1eeb5.tar.gz freeipa-9b3055ca4123062044871a1cc72b4c10cab1eeb5.tar.xz freeipa-9b3055ca4123062044871a1cc72b4c10cab1eeb5.zip |
Upload CA certificate from DS NSS database in CA-less server install.
Before, the file provided in the --root-ca-file option was used directly for
the upload. However, it is the same file which is imported to the NSS
database, so the second code path is not necessary.
Also removed now unused upload_ca_dercert method of dsinstance.
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
Diffstat (limited to 'ipaserver/install')
-rw-r--r-- | ipaserver/install/dsinstance.py | 13 |
1 files changed, 4 insertions, 9 deletions
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index af7d6fae6..a7e5e0787 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -672,22 +672,17 @@ class DsInstance(service.Service): dsdb = certs.NSSDatabase(nssdir=dirname) dsdb.export_pem_cert(nickname, location) - def upload_ca_cert(self, cacert_name=None): + def upload_ca_cert(self): """ Upload the CA certificate from the NSS database to the LDAP directory. """ dirname = config_dirname(self.serverid) - certdb = certs.CertDB(self.realm, nssdir=dirname, subject_base=self.subject_base) + certdb = certs.CertDB(self.realm, nssdir=dirname, + subject_base=self.subject_base) - if cacert_name is None: - cacert_name = certdb.cacert_name - dercert = certdb.get_cert_from_db(cacert_name, pem=False) - self.upload_ca_dercert(dercert) + dercert = certdb.get_cert_from_db(certdb.cacert_name, pem=False) - def upload_ca_dercert(self, dercert): - """Upload the CA DER certificate to the LDAP directory - """ conn = ipaldap.IPAdmin(self.fqdn) conn.do_simple_bind(DN(('cn', 'directory manager')), self.dm_password) |