From dd69c7dbe68e8f8674994a54ea913f2dd2e52c32 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Wed, 8 Jun 2011 10:54:41 -0400 Subject: Make data type of certificates more obvious/predictable internally. For the most part certificates will be treated as being in DER format. When we load a certificate we will generally accept it in any format but will convert it to DER before proceeding in normalize_certificate(). This also re-arranges a bit of code to pull some certificate-specific functions out of ipalib/plugins/service.py into ipalib/x509.py. This also tries to use variable names to indicate what format the certificate is in at any given point: dercert: DER cert: PEM nsscert: a python-nss Certificate object rawcert: unknown format ticket 32 --- ipaserver/install/httpinstance.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ipaserver/install/httpinstance.py') diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index e53c01e1c..26fde51f9 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -185,7 +185,7 @@ class HTTPInstance(service.Service): db.create_password_conf() # We only handle one server cert nickname = server_certs[0][0] - self.dercert = db.get_cert_from_db(nickname) + self.dercert = db.get_cert_from_db(nickname, pem=False) db.track_server_cert(nickname, self.principal, db.passwd_fname) self.__set_mod_nss_nickname(nickname) -- cgit