From 9af1746463bec2e62c990279d857635f693cfac7 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Tue, 30 May 2017 21:07:59 +0200 Subject: Fixed two-step subordinate CA installation. The initialization scriptlet has been fixed to verify the subsystem existence properly when running the second step of the two-step subordinate CA installation. https://pagure.io/dogtagpki/issue/2707 Change-Id: I0cc8ca21fda8637b4b34f4c5a1c108d213f638f8 --- .../pki/server/deployment/scriptlets/initialization.py | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'base/server/python') diff --git a/base/server/python/pki/server/deployment/scriptlets/initialization.py b/base/server/python/pki/server/deployment/scriptlets/initialization.py index 4dc4e9a80..1ae77e429 100644 --- a/base/server/python/pki/server/deployment/scriptlets/initialization.py +++ b/base/server/python/pki/server/deployment/scriptlets/initialization.py @@ -54,13 +54,19 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): else: config.pki_log.info(log.INITIALIZATION_SPAWN_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) + + # Verify that the subsystem already exists for the following cases: + # - External CA (Step 2) + # - Stand-alone PKI (Step 2) + # - Two-step installation (Step 2) + if (deployer.mdict['pki_subsystem'] == "CA" or config.str2bool(deployer.mdict['pki_standalone'])) and \ - config.str2bool(deployer.mdict['pki_external_step_two']): - # verify that this External CA (Step 2), or Stand-alone PKI - # (Step 2) currently EXISTS for this "instance" + config.str2bool(deployer.mdict['pki_external_step_two']) or \ + config.str2bool(deployer.mdict['pki_skip_installation']): deployer.instance.verify_subsystem_exists() deployer.mdict['pki_skip_installation'] = "True" + else: # verify that this type of "subsystem" does NOT yet # exist for this "instance" -- cgit