From f5177e6b84a44d417e0e37df40fe92f62de9262d Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce@redhat.com>
Date: Mon, 11 Aug 2008 16:15:30 -0400
Subject: Install the ca.crt file early on so that we can always enforce SSL
 protected connections to other LDAP servers Fix error reporting on replica
 creation.

---
 ipa-server/ipaserver/ipaldap.py | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'ipa-server/ipaserver/ipaldap.py')

diff --git a/ipa-server/ipaserver/ipaldap.py b/ipa-server/ipaserver/ipaldap.py
index 04e86680..3006d479 100644
--- a/ipa-server/ipaserver/ipaldap.py
+++ b/ipa-server/ipaserver/ipaldap.py
@@ -270,7 +270,9 @@ class IPAdmin(SimpleLDAPObject):
             ldap.set_option(ldap.OPT_DEBUG_LEVEL,255)
         if cacert is not None:
             ldap.set_option(ldap.OPT_X_TLS_CACERTFILE,cacert)
+        if bindcert is not None:
             ldap.set_option(ldap.OPT_X_TLS_CERTFILE,bindcert)
+        if bindkey is not None:
             ldap.set_option(ldap.OPT_X_TLS_KEYFILE,bindkey)
 
         self.__wrapmethods()
-- 
cgit