diff options
author | Jan Cholasta <jcholast@redhat.com> | 2014-09-24 16:48:15 +0200 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2014-09-30 08:50:47 +0200 |
commit | 3cde7e9cfd7908b24082e3e50cdd0955726223d0 (patch) | |
tree | 235ef572fd448a2246b5a9ede1787f5250e6ffb9 /ipaserver/install/ipa_server_certinstall.py | |
parent | 88083887c994ab505d6e07151e5dd26b56bb7732 (diff) | |
download | freeipa-3cde7e9cfd7908b24082e3e50cdd0955726223d0.tar.gz freeipa-3cde7e9cfd7908b24082e3e50cdd0955726223d0.tar.xz freeipa-3cde7e9cfd7908b24082e3e50cdd0955726223d0.zip |
Allow choosing CA-less server certificates by name
Added new --*-cert-name options to ipa-server-install and ipa-replica-prepare
and --cert-name option to ipa-server-certinstall. The options allows choosing
a particular certificate and private key from PKCS#12 files by its friendly
name.
https://fedorahosted.org/freeipa/ticket/4489
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
Diffstat (limited to 'ipaserver/install/ipa_server_certinstall.py')
-rw-r--r-- | ipaserver/install/ipa_server_certinstall.py | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/ipaserver/install/ipa_server_certinstall.py b/ipaserver/install/ipa_server_certinstall.py index 1744a6eb8..9165ac1c9 100644 --- a/ipaserver/install/ipa_server_certinstall.py +++ b/ipaserver/install/ipa_server_certinstall.py @@ -61,6 +61,10 @@ class ServerCertInstall(admintool.AdminTool): dest="pin", help=optparse.SUPPRESS_HELP) parser.add_option( + "--cert-name", + dest="cert_name", metavar="NAME", + help="Name of the certificate to install") + parser.add_option( "-p", "--dirman-password", dest="dirman_password", help="Directory Manager password") @@ -155,7 +159,7 @@ class ServerCertInstall(admintool.AdminTool): pkcs12_file, pin, ca_cert = installutils.load_pkcs12( cert_files=self.args, key_password=pkcs12_passwd, - key_nickname=None, + key_nickname=self.options.cert_name, ca_cert_files=[CACERT], host_name=api.env.host) |