Allow choosing CA-less server certificates by name

Added new --*-cert-name options to ipa-server-install and ipa-replica-prepare and --cert-name option to ipa-server-certinstall. The options allows choosing a particular certificate and private key from PKCS#12 files by its friendly name. https://fedorahosted.org/freeipa/ticket/4489 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
author: Jan Cholasta <jcholast@redhat.com> 2014-09-24 16:48:15 +0200
committer: Martin Kosek <mkosek@redhat.com> 2014-09-30 08:50:47 +0200
commit: 3cde7e9cfd7908b24082e3e50cdd0955726223d0 (patch)
tree: 235ef572fd448a2246b5a9ede1787f5250e6ffb9 /ipaserver/install/ipa_server_certinstall.py
parent: 88083887c994ab505d6e07151e5dd26b56bb7732 (diff)
download: freeipa-3cde7e9cfd7908b24082e3e50cdd0955726223d0.tar.gz
freeipa-3cde7e9cfd7908b24082e3e50cdd0955726223d0.tar.xz
freeipa-3cde7e9cfd7908b24082e3e50cdd0955726223d0.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/ipaserver/install/ipa_server_certinstall.py b/ipaserver/install/ipa_server_certinstall.py
index 1744a6eb8..9165ac1c9 100644
--- a/ipaserver/install/ipa_server_certinstall.py
+++ b/ipaserver/install/ipa_server_certinstall.py
@@ -61,6 +61,10 @@ class ServerCertInstall(admintool.AdminTool):
             dest="pin",
             help=optparse.SUPPRESS_HELP)
         parser.add_option(
+            "--cert-name",
+            dest="cert_name", metavar="NAME",
+            help="Name of the certificate to install")
+        parser.add_option(
             "-p", "--dirman-password",
             dest="dirman_password",
             help="Directory Manager password")
@@ -155,7 +159,7 @@ class ServerCertInstall(admintool.AdminTool):
         pkcs12_file, pin, ca_cert = installutils.load_pkcs12(
             cert_files=self.args,
             key_password=pkcs12_passwd,
-            key_nickname=None,
+            key_nickname=self.options.cert_name,
             ca_cert_files=[CACERT],
             host_name=api.env.host)
author	Jan Cholasta <jcholast@redhat.com>	2014-09-24 16:48:15 +0200
committer	Martin Kosek <mkosek@redhat.com>	2014-09-30 08:50:47 +0200
commit	3cde7e9cfd7908b24082e3e50cdd0955726223d0 (patch)
tree	235ef572fd448a2246b5a9ede1787f5250e6ffb9 /ipaserver/install/ipa_server_certinstall.py
parent	88083887c994ab505d6e07151e5dd26b56bb7732 (diff)
download	freeipa-3cde7e9cfd7908b24082e3e50cdd0955726223d0.tar.gz freeipa-3cde7e9cfd7908b24082e3e50cdd0955726223d0.tar.xz freeipa-3cde7e9cfd7908b24082e3e50cdd0955726223d0.zip