Set up DS TLS on replica in CA-less topology

Fixes: https://fedorahosted.org/freeipa/ticket/6226 Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
author: Fraser Tweedale <ftweedal@redhat.com> 2016-12-20 23:29:22 +1000
committer: Martin Basti <mbasti@redhat.com> 2017-01-05 10:17:00 +0100
commit: 6f7d982fe2e2d2f042e85710b8d8d59167e5796f (patch)
tree: a914d9234e007756157fdbc642cd61315b7a7618
parent: 987d24f784e05e911bf4e87bd1156abb1dd56210 (diff)
download: freeipa-6f7d982fe2e2d2f042e85710b8d8d59167e5796f.tar.gz
freeipa-6f7d982fe2e2d2f042e85710b8d8d59167e5796f.tar.xz
freeipa-6f7d982fe2e2d2f042e85710b8d8d59167e5796f.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index bcfcb0500..2ac1041e1 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -390,7 +390,9 @@ class DsInstance(service.Service):
 
         self.step("creating DS keytab", self._request_service_keytab)
         if self.promote:
-            if self.ca_is_configured:
+            if self.pkcs12_info:
+                self.step("configuring ssl for ds instance", self.__enable_ssl)
+            else:
                 self.step("retrieving DS Certificate", self.__get_ds_cert)
             self.step("restarting directory server", self.__restart_instance)
author	Fraser Tweedale <ftweedal@redhat.com>	2016-12-20 23:29:22 +1000
committer	Martin Basti <mbasti@redhat.com>	2017-01-05 10:17:00 +0100
commit	6f7d982fe2e2d2f042e85710b8d8d59167e5796f (patch)
tree	a914d9234e007756157fdbc642cd61315b7a7618
parent	987d24f784e05e911bf4e87bd1156abb1dd56210 (diff)
download	freeipa-6f7d982fe2e2d2f042e85710b8d8d59167e5796f.tar.gz freeipa-6f7d982fe2e2d2f042e85710b8d8d59167e5796f.tar.xz freeipa-6f7d982fe2e2d2f042e85710b8d8d59167e5796f.zip