diff options
author | Petr Viktorin <pviktori@redhat.com> | 2013-03-20 14:44:22 +0100 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2013-04-15 13:32:58 +0200 |
commit | b36380fff80d5a6755240bd65b6ef432ef2741e6 (patch) | |
tree | affb6543927e73784ad967ef256c362ea6b0ca1c /install | |
parent | b8b573a966f4be268031ccca5abce09767928ff7 (diff) | |
download | freeipa.git-b36380fff80d5a6755240bd65b6ef432ef2741e6.tar.gz freeipa.git-b36380fff80d5a6755240bd65b6ef432ef2741e6.tar.xz freeipa.git-b36380fff80d5a6755240bd65b6ef432ef2741e6.zip |
ipa-server-install: correct help text for --external_{cert,ca}_file
The options take PEM certificates, not PKCS#10.
This corrects both the --help output and the man page.
https://fedorahosted.org/freeipa/ticket/3523
Diffstat (limited to 'install')
-rwxr-xr-x | install/tools/ipa-server-install | 10 | ||||
-rw-r--r-- | install/tools/man/ipa-server-install.1 | 4 |
2 files changed, 7 insertions, 7 deletions
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index da3caa08..d400dbab 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -169,9 +169,9 @@ def parse_options(): cert_group.add_option("", "--external-ca", dest="external_ca", action="store_true", default=False, help="Generate a CSR to be signed by an external CA") cert_group.add_option("", "--external_cert_file", dest="external_cert_file", - help="File containing PKCS#10 certificate") + help="PEM file containing a certificate signed by the external CA") cert_group.add_option("", "--external_ca_file", dest="external_ca_file", - help="File containing PKCS#10 of the external CA chain") + help="PEM file containing the external CA chain") cert_group.add_option("--no-pkinit", dest="setup_pkinit", action="store_false", default=True, help="disables pkinit setup steps") cert_group.add_option("--dirsrv_pkcs12", dest="dirsrv_pkcs12", @@ -670,7 +670,7 @@ def main(): try: extcert = load_certificate_from_file(options.external_cert_file) except IOError, e: - print "Can't load the PKCS#10 certificate: %s." % str(e) + print "Can't load the PEM certificate: %s." % str(e) sys.exit(1) except nss.error.NSPRError: print "'%s' is not a valid PEM-encoded certificate." % options.external_cert_file @@ -679,7 +679,7 @@ def main(): certsubject = DN(str(extcert.subject)) wantsubject = DN(('CN','Certificate Authority'), options.subject) if certsubject != wantsubject: - print "Subject of the PKCS#10 certificate is not correct (got %s, expected %s)." % (certsubject, wantsubject) + print "Subject of the external certificate is not correct (got %s, expected %s)." % (certsubject, wantsubject) sys.exit(1) try: @@ -694,7 +694,7 @@ def main(): certdict = dict((DN(str(cert.subject)), cert) for cert in extchain) certissuer = DN(str(extcert.issuer)) if certissuer not in certdict: - print "The PKCS#10 certificate is not signed by the external CA (unknown issuer %s)." % certissuer + print "The external certificate is not signed by the external CA (unknown issuer %s)." % certissuer sys.exit(1) cert = extcert diff --git a/install/tools/man/ipa-server-install.1 b/install/tools/man/ipa-server-install.1 index 6959a314..59219c14 100644 --- a/install/tools/man/ipa-server-install.1 +++ b/install/tools/man/ipa-server-install.1 @@ -88,10 +88,10 @@ An unattended installation that will never prompt for user input Generate a CSR to be signed by an external CA .TP \fB\-\-external_cert_file\fR=\fIFILE\fR -File containing PKCS#10 certificate +PEM file containing a certificate signed by the external CA. Must be given with \-\-external_ca_file. .TP \fB\-\-external_ca_file\fR=\fIFILE\fR -File containing PKCS#10 of the external CA chain +PEM file containing the external CA chain .TP \fB\-\-no\-pkinit\fR Disables pkinit setup steps |