diff options
| author | Christian Heimes <cheimes@redhat.com> | 2016-07-01 10:21:06 +0200 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2016-08-03 19:20:42 +0200 |
| commit | 1de92b13266b7ac748581f963d8fe7bdb87d1563 (patch) | |
| tree | 2b60c38c1207cc1505711be2428b7cc6863edca2 /ipaplatform | |
| parent | 229e2a1ed9ea9877cb5e879fadd99f9040f77c96 (diff) | |
| download | freeipa-1de92b13266b7ac748581f963d8fe7bdb87d1563.tar.gz freeipa-1de92b13266b7ac748581f963d8fe7bdb87d1563.tar.xz freeipa-1de92b13266b7ac748581f963d8fe7bdb87d1563.zip | |
RedHatCAService should wait for local Dogtag instance
RedHatCAService.wait_until_running() uses dogtag.ca_status() to make a
HTTP(s) request to Dogtag in order to check if /ca/admin/ca/getStatus
returns OK. The ca_status() function defaults to api.env.ca_host as
host.
On a replica without CA ca_host is a remote host (e.g. master's
FQDN). ipa-ca-install waits for master:8080 instead of replica:8080,
which might be blocked by a firewall.
https://fedorahosted.org/freeipa/ticket/6016
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipaplatform')
| -rw-r--r-- | ipaplatform/redhat/services.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ipaplatform/redhat/services.py b/ipaplatform/redhat/services.py index 849737059..24325347c 100644 --- a/ipaplatform/redhat/services.py +++ b/ipaplatform/redhat/services.py @@ -199,7 +199,8 @@ class RedHatCAService(RedHatService): op_timeout = time.time() + timeout while time.time() < op_timeout: try: - status = dogtag.ca_status() + # check status of CA instance on this host, not remote ca_host + status = dogtag.ca_status(api.env.host) except Exception as e: status = 'check interrupted due to error: %s' % e root_logger.debug('The CA status is: %s' % status) |