diff options
-rw-r--r-- | ipaserver/install/cainstance.py | 5 | ||||
-rw-r--r-- | ipaserver/install/server/install.py | 3 | ||||
-rw-r--r-- | ipaserver/plugins/dogtag.py | 10 |
3 files changed, 12 insertions, 6 deletions
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 42225c28c..563a198ab 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -473,6 +473,9 @@ class CAInstance(DogtagInstance): self.step("configure Server-Cert certificate renewal", self.track_servercert) self.step("Configure HTTP to proxy connections", self.http_proxy) + if not self.clone: + self.step("restarting certificate server", self.restart_instance) + self.step("Importing IPA certificate profiles", import_included_profiles) self.start_creation(runtime=210) @@ -1694,6 +1697,7 @@ def import_included_profiles(): ) conn.add_entry(entry) api.Backend.ra_certprofile._read_password() + api.Backend.ra_certprofile.override_port = 8443 with api.Backend.ra_certprofile as profile_api: # import the profile try: @@ -1715,6 +1719,7 @@ def import_included_profiles(): except errors.RemoteRetrieveError: pass + api.Backend.ra_certprofile.override_port = None root_logger.info("Imported profile '%s'", profile_id) conn.disconnect() diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py index 955e4cc11..999766d67 100644 --- a/ipaserver/install/server/install.py +++ b/ipaserver/install/server/install.py @@ -906,9 +906,6 @@ def install(options): service.print_msg("Restarting the certificate server") ca.restart(dogtag.configured_constants().PKI_INSTANCE_NAME) - service.print_msg("Importing certificate profiles") - cainstance.import_included_profiles() - if options.setup_dns: api.Backend.ldap2.connect(autobind=True) dns.install(False, False, options) diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py index e6668bb43..e60cced1a 100644 --- a/ipaserver/plugins/dogtag.py +++ b/ipaserver/plugins/dogtag.py @@ -1973,6 +1973,7 @@ class RestClient(Backend): super(RestClient, self).__init__() # session cookie + self.override_port = None self.cookie = None def _read_password(self): @@ -2007,7 +2008,8 @@ class RestClient(Backend): if self.cookie is not None: return status, status_text, resp_headers, resp_body = dogtag.https_request( - self.ca_host, self.env.ca_agent_port, '/ca/rest/account/login', + self.ca_host, self.override_port or self.env.ca_agent_port, + '/ca/rest/account/login', self.sec_dir, self.password, self.ipa_certificate_nickname, method='GET' ) @@ -2020,7 +2022,8 @@ class RestClient(Backend): def __exit__(self, exc_type, exc_value, traceback): """Log out of the REST API""" dogtag.https_request( - self.ca_host, self.env.ca_agent_port, '/ca/rest/account/logout', + self.ca_host, self.override_port or self.env.ca_agent_port, + '/ca/rest/account/logout', self.sec_dir, self.password, self.ipa_certificate_nickname, method='GET' ) @@ -2046,7 +2049,8 @@ class RestClient(Backend): # perform main request status, status_text, resp_headers, resp_body = dogtag.https_request( - self.ca_host, self.env.ca_agent_port, resource, + self.ca_host, self.override_port or self.env.ca_agent_port, + resource, self.sec_dir, self.password, self.ipa_certificate_nickname, method=method, headers=headers, body=body ) |