From 70049496e3cfe0db01a58bcc51c7ea13e6caac24 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Tue, 30 Mar 2010 15:27:28 -0400
Subject: Remove older MITM fixes to make compatible with dogtag 1.3.3

We set a new port to be used with dogtag but IPA doesn't utilize it.

This also changes the way we determine which security database to use.
Rather than using whether api.env.home is set use api.env.in_tree.
---
 ipaserver/install/certs.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'ipaserver/install/certs.py')

diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py
index 4b8a57e9..05c9213b 100644
--- a/ipaserver/install/certs.py
+++ b/ipaserver/install/certs.py
@@ -570,7 +570,7 @@ class CertDB(object):
             password = f.readline()
             f.close()
             http_status, http_reason_phrase, http_headers, http_body = \
-                dogtag.https_request(self.host_name, api.env.ca_agent_port, "/ca/agent/ca/profileSubmitSSLClient", self.secdir, password, "ipaCert", **params)
+                dogtag.https_request(self.host_name, api.env.ca_ee_port, "/ca/ee/ca/profileSubmitSSLClient", self.secdir, password, "ipaCert", **params)
 
             if http_status != 200:
                 raise CertificateOperationError(error=_('Unable to communicate with CMS (%s)') % \
@@ -657,7 +657,7 @@ class CertDB(object):
             password = f.readline()
             f.close()
             http_status, http_reason_phrase, http_headers, http_body = \
-                dogtag.https_request(self.host_name, api.env.ca_agent_port, "/ca/agent/ca/profileSubmitSSLClient", self.secdir, password, "ipaCert", **params)
+                dogtag.https_request(self.host_name, api.env.ca_ee_port, "/ca/ee/ca/profileSubmitSSLClient", self.secdir, password, "ipaCert", **params)
             if http_status != 200:
                 raise RuntimeError("Unable to submit cert request")
 
-- 
cgit