diff options
author | Rob Crittenden <rcritten@redhat.com> | 2009-07-10 16:18:16 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2009-07-15 09:00:01 -0400 |
commit | 8d164569d0e4ee79089ae224ac6f5a569c291cdb (patch) | |
tree | a75db1b23693315d1b35bad891ea6c86019d7149 /ipaserver/install/dsinstance.py | |
parent | 904e55540438cfd88507fa747daa585605b90bdb (diff) | |
download | freeipa-8d164569d0e4ee79089ae224ac6f5a569c291cdb.tar.gz freeipa-8d164569d0e4ee79089ae224ac6f5a569c291cdb.tar.xz freeipa-8d164569d0e4ee79089ae224ac6f5a569c291cdb.zip |
Allow replicas of an IPA server using an internal dogtag server as the CA
This involves creating a new CA instance on the replica and using pkisilent
to create a clone of the master CA.
Also generally fixes IPA to work with the latest dogtag SVN tip. A lot of
changes to ports and configuration have been done recently.
Diffstat (limited to 'ipaserver/install/dsinstance.py')
-rw-r--r-- | ipaserver/install/dsinstance.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index e31cd081..76eb8dd9 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -327,12 +327,12 @@ class DsInstance(service.Service): nickname = "Server-Cert" if self.self_signed_ca: dsdb.create_self_signed() - dsdb.create_server_cert("Server-Cert", "cn=%s,ou=Fedora Directory Server" % self.host_name) + dsdb.create_server_cert("Server-Cert", self.host_name) else: cadb = certs.CertDB("/etc/httpd/alias", host_name=self.host_name) cadb.export_ca_cert(cadb.cacert_name, False) dsdb.create_from_cacert(cadb.cacert_fname, passwd=None) - dsdb.create_server_cert("Server-Cert", "CN=%s,OU=pki-ipa,O=IPA" % self.host_name, cadb) + dsdb.create_server_cert("Server-Cert", self.host_name, cadb) dsdb.create_pin_file() conn = ipaldap.IPAdmin("127.0.0.1") |