From 6870eb909ec5a92dad79da62b4101d3f7f6a2abb Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Thu, 12 Jun 2014 13:26:34 +0200
Subject: Add function for writing list of certificates to a PEM file to
 ipalib.x509.

Also rename load_certificate_chain_from_file to
load_certificate_list_from_file.

Part of https://fedorahosted.org/freeipa/ticket/3259
Part of https://fedorahosted.org/freeipa/ticket/3520

Reviewed-By: Rob Crittenden <rcritten@redhat.com>
---
 ipaserver/install/installutils.py      | 2 +-
 ipaserver/install/ipa_cacert_manage.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'ipaserver')

diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index ab8f11d67..6ad7106b5 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -889,7 +889,7 @@ def validate_external_cert(cert_file, ca_file, subject_base):
 
     extchain = None
     try:
-        extchain = x509.load_certificate_chain_from_file(ca_file)
+        extchain = x509.load_certificate_list_from_file(ca_file)
         certdict = dict((DN(str(cert.subject)), DN(str(cert.issuer)))
                         for cert in extchain)
     except IOError, e:
diff --git a/ipaserver/install/ipa_cacert_manage.py b/ipaserver/install/ipa_cacert_manage.py
index bf2a55b0d..bb2af5375 100644
--- a/ipaserver/install/ipa_cacert_manage.py
+++ b/ipaserver/install/ipa_cacert_manage.py
@@ -224,7 +224,7 @@ class CACertManage(admintool.AdminTool):
                 raise admintool.ScriptError(
                     "Not compatible with the current CA certificate: %s", e)
 
-            ca_certs = x509.load_certificate_chain_from_file(ca_filename)
+            ca_certs = x509.load_certificate_list_from_file(ca_filename)
             for ca_cert in ca_certs:
                 tmpdb.add_cert(ca_cert.der_data, str(ca_cert.subject), 'C,,')
             del ca_certs
-- 
cgit