diff options
| author | Stanislav Laznicka <slaznick@redhat.com> | 2017-01-02 17:00:00 +0100 |
|---|---|---|
| committer | Jan Cholasta <jcholast@redhat.com> | 2017-03-01 09:43:41 +0000 |
| commit | 2a1494c9aef2e2b5c06e427e689787e5a2c4dc7f (patch) | |
| tree | 965aba505982685332984c7edb71ea50463355f2 /install/restart_scripts/renew_ra_cert | |
| parent | dfd560a190cb2ab13f34ed9e21c5fb5c6e793f18 (diff) | |
| download | freeipa-2a1494c9aef2e2b5c06e427e689787e5a2c4dc7f.tar.gz freeipa-2a1494c9aef2e2b5c06e427e689787e5a2c4dc7f.tar.xz freeipa-2a1494c9aef2e2b5c06e427e689787e5a2c4dc7f.zip | |
Move RA agent certificate file export to a different location
HTTPS connection to certificate server requires client authentication
so we need a file with client certificate and private key prior to
its first occurence which happens during migration of certificate
profiles to LDAP.
https://fedorahosted.org/freeipa/ticket/5695
https://fedorahosted.org/freeipa/ticket/6392
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'install/restart_scripts/renew_ra_cert')
| -rw-r--r-- | install/restart_scripts/renew_ra_cert | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/install/restart_scripts/renew_ra_cert b/install/restart_scripts/renew_ra_cert index d978f946c..4dc6c2e4f 100644 --- a/install/restart_scripts/renew_ra_cert +++ b/install/restart_scripts/renew_ra_cert @@ -29,7 +29,7 @@ import traceback from ipalib.install.kinit import kinit_keytab from ipalib import api -from ipaserver.install import certs, cainstance, krainstance +from ipaserver.install import certs, cainstance, dogtaginstance from ipaplatform.paths import paths @@ -61,7 +61,7 @@ def _main(): cainstance.update_people_entry(dercert) if api.Command.kra_is_enabled()['result']: - krainstance.export_kra_agent_pem() + dogtaginstance.export_ra_agent_pem() finally: shutil.rmtree(tmpdir) api.Backend.ldap2.disconnect() |