From d802aa57f16e3267b4db739721a56e041e5f888e Mon Sep 17 00:00:00 2001 From: Martin Kosek Date: Thu, 14 Jul 2011 14:09:53 +0200 Subject: Fix self-signed replica installation When a replica for self-signed server is being installed, the installer crashes with "Not a dogtag CA installation". Make sure that installation is handled correctly for both dogtag and self-signed replicas. https://fedorahosted.org/freeipa/ticket/1479 --- install/tools/ipa-ca-install | 4 ++++ ipaserver/install/cainstance.py | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install index edd8f4cfd..e6adae057 100755 --- a/install/tools/ipa-ca-install +++ b/install/tools/ipa-ca-install @@ -134,6 +134,10 @@ def main(): # Configure the CA if necessary (CA, cs) = cainstance.install_replica_ca(config, postinstall=True) + if not CA: + # not a dogtag CA replica + sys.exit("Not a dogtag CA installation!") + # We need to ldap_enable the CA now that DS is up and running CA.ldap_enable('CA', config.host_name, config.dirman_password, util.realm_to_suffix(config.realm_name)) diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 4ace26db5..fbc566a28 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -1109,8 +1109,8 @@ def install_replica_ca(config, postinstall=False): cafile = config.dir + "/cacert.p12" if not ipautil.file_exists(cafile): - # not a dogtag CA replica - sys.exit('Not a dogtag CA installation') + # self-signed replica + return (None, None) if not config.setup_ca: # We aren't configuring the CA in this step but we still need -- cgit