From 986c4e23e7f640911cbe72129dc3f675438f35d4 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Wed, 18 Nov 2009 17:51:28 -0500
Subject: Point to correct location of self-signed CA and set pw on 389-DS cert
 db

The CA was moved from residing in the DS NSS database into the Apache
database to support a self-signed CA certificate plugin. This was not
updated in the installer boilerplate.

The DS db wasn't getting a password set on it. Go ahead and set one.
---
 ipaserver/install/dsinstance.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ipaserver/install/dsinstance.py')

diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index 254c575c0..60436dee2 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -340,7 +340,7 @@ class DsInstance(service.Service):
             cadb = certs.CertDB(httpinstance.NSS_DIR, host_name=self.host_name)
             if self.self_signed_ca:
                 cadb.create_self_signed()
-                dsdb.create_from_cacert(cadb.cacert_fname)
+                dsdb.create_from_cacert(cadb.cacert_fname, passwd=None)
                 dsdb.create_server_cert("Server-Cert", self.host_name, cadb)
                 dsdb.create_pin_file()
             else:
-- 
cgit