summaryrefslogtreecommitdiffstats
path: root/ipaserver
diff options
context:
space:
mode:
authorJan Cholasta <jcholast@redhat.com>2014-10-14 11:26:15 +0200
committerMartin Kosek <mkosek@redhat.com>2014-11-05 15:26:42 +0100
commit2cf0f0a658ba3151596e3782c76d6273362080cf (patch)
tree0bbb689b6901a9c506402692fefd850c8e3598df /ipaserver
parent364d466fd7def3589ddb9e4a9f8d73fc2df80439 (diff)
downloadfreeipa-2cf0f0a658ba3151596e3782c76d6273362080cf.tar.gz
freeipa-2cf0f0a658ba3151596e3782c76d6273362080cf.tar.xz
freeipa-2cf0f0a658ba3151596e3782c76d6273362080cf.zip
Fail if certmonger can't see new CA certificate in LDAP in ipa-cacert-manage
This should not normally happen, but if it does, report an error instead of waiting idefinitely for the certificate to appear. https://fedorahosted.org/freeipa/ticket/4629 Reviewed-By: David Kupka <dkupka@redhat.com>
Diffstat (limited to 'ipaserver')
-rw-r--r--ipaserver/install/ipa_cacert_manage.py3
1 files changed, 2 insertions, 1 deletions
diff --git a/ipaserver/install/ipa_cacert_manage.py b/ipaserver/install/ipa_cacert_manage.py
index a521e3965..2a8d95fdb 100644
--- a/ipaserver/install/ipa_cacert_manage.py
+++ b/ipaserver/install/ipa_cacert_manage.py
@@ -297,7 +297,8 @@ class CACertManage(admintool.AdminTool):
raise admintool.ScriptError(
"Resubmitting certmonger request '%s' timed out, "
"please check the request manually" % self.request_id)
- if state != 'MONITORING':
+ ca_error = certmonger.get_request_value(self.request_id, 'ca-error')
+ if state != 'MONITORING' or ca_error:
raise admintool.ScriptError(
"Error resubmitting certmonger request '%s', "
"please check the request manually" % self.request_id)
generated by cgit (git 2.34.1) at 2024-06-20 08:16:02 +0000