summaryrefslogtreecommitdiffstats
path: root/ipapython/certmonger.py
Commit message (Collapse)AuthorAgeFilesLines
* Configure certmonger to execute restart scripts on renewal.Rob Crittenden2012-04-101-1/+8
| | | | | | | | certmonger now has the ability to execute a script when it renews a certificate. This can be used to automatically restart servers so the certificate doesn't expire in the running server. https://fedorahosted.org/freeipa/ticket/2050
* Use absolute paths when trying to find certmonger request id.Rob Crittenden2011-12-081-9/+14
| | | | | | | | | The value stored in certmonger is not guaranteed to be normalized nor is the value passed-in (could be a relative path and may or not contain trailing slash). We do direct string compares so they need to match exactly or we won't find the request. https://fedorahosted.org/freeipa/ticket/1942
* If --hostname is provided for ipa-client-install use it everywhere.Rob Crittenden2011-03-081-2/+78
| | | | | | | | | | | | | | | | | | | If a hostname was provided it wasn't used to configure either certmonger or sssd. This resulted in a non-working configuration. Additionally on un-enrollment the wrong hostname was unenrolled, it used the value of gethostname() rather than the one that was passed into the installer. We have to modify the CA configuration of certmonger to make it use the right principal when requesting certificates. The filename is unpredicable but it will be in /var/lib/certmonger/cas. We need to hunt for ipa_submit and add -k <principal> to it, then undo that on uninstall. These files are created the first time the certmonger service starts, so start and stop it before messing with them. ticket 1029
* Change FreeIPA license to GPLv3+Jakub Hrozek2010-12-201-5/+5
| | | | | | | | | | The changes include: * Change license blobs in source files to mention GPLv3+ not GPLv2 only * Add GPLv3+ license text * Package COPYING not LICENSE as the license blobs (even the old ones) mention COPYING specifically, it is also more common, I think https://fedorahosted.org/freeipa/ticket/239
* Fix certmonger errors when doing a client or server uninstall.Rob Crittenden2010-09-091-0/+248
This started with the client uninstaller returning a 1 when not installed. There was no way to tell whether the uninstall failed or the client simply wasn't installed which caused no end of grief with the installer. This led to a lot of certmonger failures too, either trying to stop tracking a non-existent cert or not handling an existing tracked certificate. I moved the certmonger code out of the installer and put it into the client/server shared ipapython lib. It now tries a lot harder and smarter to untrack a certificate. ticket 142
generated by cgit (git 2.34.1) at 2024-05-26 11:28:35 +0000