Install the ca.crt file early on so that we can always enforce SSL

protected connections to other LDAP servers Fix error reporting on replica creation.
author: Simo Sorce <ssorce@redhat.com> 2008-08-11 16:15:30 -0400
committer: Simo Sorce <ssorce@redhat.com> 2008-08-13 15:36:57 -0400
commit: f5177e6b84a44d417e0e37df40fe92f62de9262d (patch)
tree: 0f3c76c38cdc45fda14582d29fbc1b500ef6bec8 /ipa-server/ipaserver/ipaldap.py
parent: 0d6b6fa084830c9c93ee2a53707b6697f6cbcfa9 (diff)
download: freeipa-f5177e6b84a44d417e0e37df40fe92f62de9262d.tar.gz
freeipa-f5177e6b84a44d417e0e37df40fe92f62de9262d.tar.xz
freeipa-f5177e6b84a44d417e0e37df40fe92f62de9262d.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/ipa-server/ipaserver/ipaldap.py b/ipa-server/ipaserver/ipaldap.py
index 04e86680..3006d479 100644
--- a/ipa-server/ipaserver/ipaldap.py
+++ b/ipa-server/ipaserver/ipaldap.py
@@ -270,7 +270,9 @@ class IPAdmin(SimpleLDAPObject):
             ldap.set_option(ldap.OPT_DEBUG_LEVEL,255)
         if cacert is not None:
             ldap.set_option(ldap.OPT_X_TLS_CACERTFILE,cacert)
+        if bindcert is not None:
             ldap.set_option(ldap.OPT_X_TLS_CERTFILE,bindcert)
+        if bindkey is not None:
             ldap.set_option(ldap.OPT_X_TLS_KEYFILE,bindkey)
 
         self.__wrapmethods()
author	Simo Sorce <ssorce@redhat.com>	2008-08-11 16:15:30 -0400
committer	Simo Sorce <ssorce@redhat.com>	2008-08-13 15:36:57 -0400
commit	f5177e6b84a44d417e0e37df40fe92f62de9262d (patch)
tree	0f3c76c38cdc45fda14582d29fbc1b500ef6bec8 /ipa-server/ipaserver/ipaldap.py
parent	0d6b6fa084830c9c93ee2a53707b6697f6cbcfa9 (diff)
download	freeipa-f5177e6b84a44d417e0e37df40fe92f62de9262d.tar.gz freeipa-f5177e6b84a44d417e0e37df40fe92f62de9262d.tar.xz freeipa-f5177e6b84a44d417e0e37df40fe92f62de9262d.zip