diff options
Diffstat (limited to 'ipa-server/ipa-upgradeconfig')
-rw-r--r-- | ipa-server/ipa-upgradeconfig | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/ipa-server/ipa-upgradeconfig b/ipa-server/ipa-upgradeconfig index 9f2c6cb92..48c4117d2 100644 --- a/ipa-server/ipa-upgradeconfig +++ b/ipa-server/ipa-upgradeconfig @@ -84,6 +84,16 @@ def upgrade(sub_dict, filename, template): update_conf(sub_dict, filename, template) print "Upgraded %s to version %d" % (filename, new) +def check_certs(realm_name): + """Check ca.crt is in the right place, and try to fix if not""" + if not os.path.exists("/usr/share/ipa/html/ca.crt"): + ca_file = "/etc/dirsrv/slapd-" + ("-".join(realm_name.split("."))) + "/cacert.asc" + if os.path.exists(ca_file): + shutil.copyfile(ca_file, "/usr/share/ipa/html/ca.crt") + else: + print "Missing Certification Authority file." + print "You should place a copy of the CA certificate in /usr/share/ipa/html/ca.crt" + def main(): try: krbctx = krbV.default_context() @@ -92,6 +102,11 @@ def main(): sys.exit(1) try: + check_certs(krbctx.default_realm) + except Error, e: + print "Failed to check CA certificate: %s" % e + + try: fqdn = find_hostname() except IOError: # ipa-rewrite.conf doesn't exist, nothing to do |