diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2013-05-02 13:47:06 -0400 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2013-05-06 13:37:23 +0200 |
| commit | be8c9ec9f243386eb9d3ae69bf1d84b255324cc7 (patch) | |
| tree | c70f7e95447f49937fac1d416c1cc2d6308990b3 /ipaserver | |
| parent | 77e4f445cce087a915533ad3ae2e35e93db762c5 (diff) | |
| download | freeipa-be8c9ec9f243386eb9d3ae69bf1d84b255324cc7.tar.gz freeipa-be8c9ec9f243386eb9d3ae69bf1d84b255324cc7.tar.xz freeipa-be8c9ec9f243386eb9d3ae69bf1d84b255324cc7.zip | |
Specify the location for the agent PKCS#12 file so we don't have to move it.
Dogtag 10.0.2 changed the default location for this file from /root/.pki
to /root/.dogtag which broke our install.
https://fedorahosted.org/freeipa/ticket/3599
Diffstat (limited to 'ipaserver')
| -rw-r--r-- | ipaserver/install/cainstance.py | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 2bb6cb4e3..5669ebecb 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -655,6 +655,7 @@ class CAInstance(service.Service): config.set("CA", "pki_admin_nickname", "ipa-ca-agent") config.set("CA", "pki_admin_subject_dn", str(DN(('cn', 'ipa-ca-agent'), self.subject_base))) + config.set("CA", "pki_client_admin_cert_p12", "/root/ca-agent.p12") # Directory server config.set("CA", "pki_ds_ldap_port", str(self.ds_port)) @@ -741,9 +742,6 @@ class CAInstance(service.Service): print "ipa-server-install --external_cert_file=/path/to/signed_certificate --external_ca_file=/path/to/external_ca_certificate" sys.exit(0) else: - if not self.clone: - shutil.move("/root/.pki/pki-tomcat/ca_admin_cert.p12", \ - "/root/ca-agent.p12") shutil.move("/var/lib/pki/pki-tomcat/alias/ca_backup_keys.p12", \ "/root/cacert.p12") |