From 0dfb451c3f355a55dace8ce2ada8db335fc5c0b8 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Wed, 22 Apr 2009 14:36:51 -0400
Subject: Utilize the new dogtag library for retrieving the CA cert chain

---
 ipaserver/install/cainstance.py | 19 ++++---------------
 1 file changed, 4 insertions(+), 15 deletions(-)

(limited to 'ipaserver/install/cainstance.py')

diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index d33901dc..889a648e 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -35,6 +35,7 @@ import httplib
 import urllib
 import xml.dom.minidom
 import stat
+from ipapython import dogtag
 
 from nss.error import NSPRError
 import nss.nss as nss
@@ -690,21 +691,9 @@ class CAInstance(service.Service):
         stdout, stderr = self.__run_certutil(["-N"])
 
     def __get_ca_chain(self):
-        conn = httplib.HTTPConnection(self.host_name, 9180)
-        conn.request("GET", "/ca/ee/ca/getCertChain")
-        res = conn.getresponse()
-        if res.status == 200:
-            data = res.read()
-
-            doc = xml.dom.minidom.parseString(data)
-            item_node = doc.getElementsByTagName("ChainBase64")
-            chain = item_node[0].childNodes[0].data
-            doc.unlink()
-            conn.close()
-
-            return chain
-        else:
-            conn.close()
+        try:
+            return dogtag.get_ca_certchain()
+        except:
             raise RuntimeError("Unable to retrieve CA chain")
 
     def __create_ca_agent_pkcs12(self):
-- 
cgit