From dbfa7157ccf0c467e33f742176fc82a789c72e2e Mon Sep 17 00:00:00 2001 From: Martin Kosek Date: Wed, 9 Oct 2013 22:33:20 +0200 Subject: PKI installation on replica failing due to missing proxy conf Proxy configuration was not detected correctly. Both ipa-pki-proxy.conf and ipa.conf need to be in place and httpd restarted to be able to check it's status. https://fedorahosted.org/freeipa/ticket/3964 --- ipapython/platform/fedora16/service.py | 3 ++- ipaserver/install/cainstance.py | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/ipapython/platform/fedora16/service.py b/ipapython/platform/fedora16/service.py index 297e6833..36e7a31c 100644 --- a/ipapython/platform/fedora16/service.py +++ b/ipapython/platform/fedora16/service.py @@ -143,7 +143,8 @@ class Fedora16CAService(Fedora16Service): # Unfortunately, knownservices.httpd.is_installed() can return # false positives, so check for existence of our configuration file. # TODO: Use a cleaner solution - if not os.path.exists('/etc/httpd/conf.d/ipa.conf'): + if not (os.path.exists('/etc/httpd/conf.d/ipa.conf') and + os.path.exists('/etc/httpd/conf.d/ipa-pki-proxy.conf')): root_logger.debug( 'The httpd proxy is not installed, skipping wait for CA') return diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 15d79fdb..9f0d4d4c 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -1679,8 +1679,10 @@ def install_replica_ca(config, master_ds_port, postinstall=False): master_replication_port=master_ds_port, subject_base=config.subject_base) + # Restart httpd since we changed it's config and added ipa-pki-proxy.conf + # Without the restart, CA service status check would fail due to missing + # proxy if postinstall: - # Restart httpd since we changed its config ipaservices.knownservices.httpd.restart() -- cgit