From dcb90d1dec94c97e9c78f25e863a30f8b2ceb0a8 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata@redhat.com>
Date: Tue, 14 Jun 2016 05:55:01 +0200
Subject: Fixed problem with headerless PKCS #7 data.

Due to a recently added validation code, the headerless PKCS #7
data generated by IPA needs to be joined into a single line before
storing it in CS.cfg.
---
 base/common/python/pki/nssdb.py | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'base/common/python')

diff --git a/base/common/python/pki/nssdb.py b/base/common/python/pki/nssdb.py
index 2504a9579..0c27c3f19 100644
--- a/base/common/python/pki/nssdb.py
+++ b/base/common/python/pki/nssdb.py
@@ -477,6 +477,13 @@ class NSSDatabase(object):
             else:  # import PKCS #7 data without header/footer
                 with open(cert_chain_file, 'r') as f:
                     base64_data = f.read()
+
+                # TODO: fix ipaserver/install/cainstance.py in IPA
+                # to no longer remove PKCS #7 header/footer
+
+                # join base-64 data into a single line
+                base64_data = base64_data.replace('\r', '').replace('\n', '')
+
                 pkcs7_data = convert_pkcs7(base64_data, 'base64', 'pem')
 
                 tmp_cert_chain_file = os.path.join(tmpdir, 'cert_chain.p7b')
-- 
cgit