From 5bbe1108d50f855842493ff0ef88b5eef2a4f7a6 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Fri, 24 Jul 2009 09:29:33 -0400 Subject: Identify CAs to trust from an imported PKCS#12 file We used to use certutil -O to determine the cert chain to trust. This behavior changed in F-11 such that untrusted CAs are not displayed. This is only used when we import PKCS#12 files so use pk12util -l to display the list of certs and keys in the file to determine the nickname(s) of the CAs to trust. 509111 --- ipaserver/install/httpinstance.py | 1 + 1 file changed, 1 insertion(+) (limited to 'ipaserver/install/httpinstance.py') diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index bf926737..ba9de613 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -172,6 +172,7 @@ class HTTPInstance(service.Service): if len(server_certs) == 0: raise RuntimeError("Could not find a suitable server cert in import in %s" % pkcs12_info[0]) + db.create_password_conf() # We only handle one server cert nickname = server_certs[0][0] -- cgit