diff options
| author | Oleg Fayans <ofayans@redhat.com> | 2016-09-09 12:10:46 +0200 |
|---|---|---|
| committer | David Kupka <dkupka@redhat.com> | 2016-09-22 15:20:42 +0200 |
| commit | c0e16aa3b9c380fb7936dc18c4bfc04e7f8327b5 (patch) | |
| tree | 662a682d89a64438752740ee5b713ac297d50ca9 | |
| parent | 38ad864342bb3fcbf65397b763c240f034f3e2c7 (diff) | |
| download | freeipa-c0e16aa3b9c380fb7936dc18c4bfc04e7f8327b5.tar.gz freeipa-c0e16aa3b9c380fb7936dc18c4bfc04e7f8327b5.tar.xz freeipa-c0e16aa3b9c380fb7936dc18c4bfc04e7f8327b5.zip | |
tests: Create a method that cleans all ipa certs
Upon uninstallation IPA does not remove certs from the system, see
https://fedorahosted.org/freeipa/ticket/4639 for details. This causes
installation failures in several tests. The workaround is to manually remove
certs from all certificate databases used by IPA after each server
uninstallation
Reviewed-By: David Kupka <dkupka@redhat.com>
| -rw-r--r-- | ipatests/test_integration/test_caless.py | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ipatests/test_integration/test_caless.py b/ipatests/test_integration/test_caless.py index 047917b25..2b4ceee7c 100644 --- a/ipatests/test_integration/test_caless.py +++ b/ipatests/test_integration/test_caless.py @@ -54,6 +54,17 @@ def get_replica_prepare_stdin(cert_passwords=()): return '\n'.join(lines + ['']) +def ipa_certs_cleanup(host): + host.run_command(['certutil', '-d', paths.NSS_DB_DIR, '-D', + '-n', 'External CA cert'], + raiseonerr=False) + # A workaround for https://fedorahosted.org/freeipa/ticket/4639 + result = host.run_command(['certutil', '-L', '-d', + paths.HTTPD_ALIAS_DIR]) + for rawcert in result.stdout_text.split('\n')[4: -1]: + cert = rawcert.split(' ')[0] + host.run_command(['certutil', '-D', '-d', paths.HTTPD_ALIAS_DIR, + '-n', cert]) class CALessBase(IntegrationTest): @classmethod def install(cls, mh): |