From ff4ddbbb72512259179d7021a5ff5c313e2fdbfe Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Wed, 10 Mar 2010 11:55:48 -0500 Subject: Better customize the message regarding the CA based on the install options. There are now 3 cases: - Install a dogtag CA and issue server certs using that - Install a selfsign CA and issue server certs using that - Install using either dogtag or selfsign and use the provided PKCS#12 files for the server certs. The installed CA will still be used by the cert plugin to issue any server certs. --- install/tools/ipa-server-install | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 5eb956b9e..314adf160 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -792,14 +792,19 @@ def main(): print "\t and servers for correct operation. You should consider enabling ntpd." print "" - if not options.dirsrv_pkcs12: - print "Be sure to back up the CA certificate stored in /etc/httpd/alias/cacert.p12" - print "The password for this file is in /etc/httpd/alias/pwdfile.txt" - else: + if options.http_pkcs12: print "In order for Firefox autoconfiguration to work you will need to" print "use a SSL signing certificate. See the IPA documentation for more details." - print "You also need to install a PEM copy of the HTTP issuing CA into" + print "You also need to install a PEM copy of the CA certificate into" print "/usr/share/ipa/html/ca.crt" + else: + if options.selfsign: + print "Be sure to back up the CA certificate stored in /etc/httpd/alias/cacert.p12" + print "The password for this file is in /etc/httpd/alias/pwdfile.txt" + else: + print "Be sure to back up the CA certificate stored in /root/cacert.p12" + print "This file is required to create replicas. The password for this" + print "file is the Directory Manager password" return 0 -- cgit