From 66a4b7e635a4456a102221049c58c461d3429093 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata@redhat.com>
Date: Fri, 22 Jan 2016 00:03:39 +0100
Subject: Fixed installation summary for existing CA.

The pkispawn has been modified to display the proper summary for
external CA and existing CA cases.

https://fedorahosted.org/pki/ticket/456
---
 base/server/python/pki/server/deployment/pkihelper.py       |  1 +
 .../pki/server/deployment/scriptlets/configuration.py       | 13 ++++++-------
 2 files changed, 7 insertions(+), 7 deletions(-)

(limited to 'base/server/python')

diff --git a/base/server/python/pki/server/deployment/pkihelper.py b/base/server/python/pki/server/deployment/pkihelper.py
index 1db235826..c5c71ef99 100644
--- a/base/server/python/pki/server/deployment/pkihelper.py
+++ b/base/server/python/pki/server/deployment/pkihelper.py
@@ -504,6 +504,7 @@ class ConfigurationFile:
         self.external = config.str2bool(self.mdict['pki_external'])
         self.external_step_one = not config.str2bool(self.mdict['pki_external_step_two'])
         self.external_step_two = not self.external_step_one
+        self.external_csr_path = self.mdict['pki_external_csr_path']
 
         if self.external:
             # generic extension support in CSR - for external CA
diff --git a/base/server/python/pki/server/deployment/scriptlets/configuration.py b/base/server/python/pki/server/deployment/scriptlets/configuration.py
index 575a347c2..a5ab3f88b 100644
--- a/base/server/python/pki/server/deployment/scriptlets/configuration.py
+++ b/base/server/python/pki/server/deployment/scriptlets/configuration.py
@@ -96,6 +96,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
         external = deployer.configuration_file.external
         step_one = deployer.configuration_file.external_step_one
         step_two = deployer.configuration_file.external_step_two
+        external_csr_path = deployer.configuration_file.external_csr_path
 
         try:
             if external and step_one: # external/existing CA step 1
@@ -127,16 +128,15 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
 
                 # If filename specified, generate CA cert request and
                 # import it into CS.cfg.
-                request_file = deployer.mdict['pki_external_csr_path']
-                if request_file:
+                if external_csr_path:
                     nssdb.create_request(
                         subject_dn=deployer.mdict['pki_ca_signing_subject_dn'],
-                        request_file=request_file,
+                        request_file=external_csr_path,
                         key_type=key_type,
                         key_size=key_size,
                         curve=curve,
                         hash_alg=hash_alg)
-                    with open(request_file) as f:
+                    with open(external_csr_path) as f:
                         signing_csr = f.read()
                     signing_csr = pki.nss.convert_csr(signing_csr, 'pem', 'base64')
                     subsystem.config['ca.signing.certreq'] = signing_csr
@@ -150,9 +150,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
             elif external and step_two: # external/existing CA step 2
 
                 # If specified, import existing CA cert request into CS.cfg.
-                request_file = deployer.mdict['pki_external_csr_path']
-                if request_file:
-                    with open(request_file) as f:
+                if external_csr_path:
+                    with open(external_csr_path) as f:
                         signing_csr = f.read()
                     signing_csr = pki.nss.convert_csr(signing_csr, 'pem', 'base64')
                     subsystem.config['ca.signing.certreq'] = signing_csr
-- 
cgit