From 064240def3e5fe1d0e75020b4a63a130e5232733 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Tue, 28 Apr 2009 17:05:39 -0400 Subject: Fix replica installation for self-signed CA (no dogtag) --- install/tools/ipa-replica-install | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'install/tools/ipa-replica-install') diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index e3c0de085..a92db3029 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -30,6 +30,7 @@ from ipaserver.install import dsinstance, replication, installutils, krbinstance from ipaserver.install import httpinstance, ntpinstance, certs from ipaserver import ipaldap from ipapython import version +from ipalib import util CACERT="/usr/share/ipa/html/ca.crt" @@ -144,7 +145,7 @@ def install_http(config): config.dir + "/http_pin.txt") http = httpinstance.HTTPInstance() - http.create_instance(config.realm_name, config.host_name, config.domain_name, False, pkcs12_info) + http.create_instance(config.realm_name, config.host_name, config.domain_name, False, pkcs12_info, self_signed_ca=True) # Now copy the autoconfiguration files if ipautil.file_exists(config.dir + "/preferences.html"): @@ -267,6 +268,18 @@ def main(): fd.write("domain=" + config.domain_name + "\n") fd.close() + # Create the management framework config file + fd = open("/etc/ipa/default.conf", "w") + fd.write("[global]\n") + fd.write("basedn=" + util.realm_to_suffix(config.realm_name) + "\n") + fd.write("realm=" + config.realm_name + "\n") + fd.write("domain=" + config.domain_name + "\n") + fd.write("xmlrpc_uri=https://%s/ipa/xml\n" % config.host_name) + # FIXME: detect when we are installing a cloned CA + if False: + fd.write("enable_ra=True\n") + fd.close() + # Apply any LDAP updates. Needs to be done after the replica is synced-up service.print_msg("Applying LDAP updates") ds.apply_updates() -- cgit