diff options
| -rw-r--r-- | ipaserver/plugins/ca.py | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/ipaserver/plugins/ca.py b/ipaserver/plugins/ca.py index ee98f0a2a..966ae2b1b 100644 --- a/ipaserver/plugins/ca.py +++ b/ipaserver/plugins/ca.py @@ -163,6 +163,13 @@ class ca_add(LDAPCreate): except errors.NotFound: pass + # check for subject collision before creating CA in Dogtag + result = api.Command.ca_find(ipacasubjectdn=options['ipacasubjectdn']) + if result['count'] > 0: + raise errors.DuplicateEntry(message=_( + "Subject DN is already used by CA '%s'" + ) % result['result'][0]['cn'][0]) + # Create the CA in Dogtag. with self.api.Backend.ra_lightweight_ca as ca_api: resp = ca_api.create_ca(options['ipacasubjectdn']) |