diff options
Diffstat (limited to 'install')
| -rw-r--r-- | install/restart_scripts/renew_ca_cert | 1 | ||||
| -rwxr-xr-x | install/tools/ipa-ca-install | 2 | ||||
| -rwxr-xr-x | install/tools/ipa-replica-install | 3 | ||||
| -rwxr-xr-x | install/tools/ipa-server-install | 3 |
4 files changed, 6 insertions, 3 deletions
diff --git a/install/restart_scripts/renew_ca_cert b/install/restart_scripts/renew_ca_cert index 5768db3f..ab394b97 100644 --- a/install/restart_scripts/renew_ca_cert +++ b/install/restart_scripts/renew_ca_cert @@ -83,6 +83,7 @@ except Exception, e: finally: shutil.rmtree(tmpdir) +# Done withing stopped_service context, CA restarted here update_cert_config(nickname, cert) if nickname == 'subsystemCert cert-pki-ca': diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install index 636f63da..4edd26d3 100755 --- a/install/tools/ipa-ca-install +++ b/install/tools/ipa-ca-install @@ -189,8 +189,8 @@ def main(): CA.ldap_enable('CA', config.host_name, config.dirman_password, ipautil.realm_to_suffix(config.realm_name)) + # This is done within stopped_service context, which restarts CA CA.enable_client_auth_to_db() - CA.restart() # Install CA DNS records install_dns_records(config, options) diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index c6d69fca..947c51f6 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -675,8 +675,9 @@ def main(): if CA and config.setup_ca: CA.ldap_enable('CA', config.host_name, config.dirman_password, ipautil.realm_to_suffix(config.realm_name)) + + # This is done within stopped_service context, which restarts CA CA.enable_client_auth_to_db() - CA.restart() krb = install_krb(config, setup_pkinit=options.setup_pkinit) http = install_http(config, auto_redirect=options.ui_redirect) diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 06e99134..86ca3447 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -1054,8 +1054,9 @@ def main(): # We need to ldap_enable the CA now that DS is up and running ca.ldap_enable('CA', host_name, dm_password, ipautil.realm_to_suffix(realm_name)) + + # This is done within stopped_service context, which restarts CA ca.enable_client_auth_to_db() - ca.restart() # Upload the CA cert to the directory ds.upload_ca_cert() |