diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2015-03-12 16:14:22 +0100 |
---|---|---|
committer | Tomas Babej <tbabej@redhat.com> | 2015-03-18 12:31:23 +0100 |
commit | 7b6bee030dac08807f254fdf58ba867c36cab23d (patch) | |
tree | 2dabcb943cbe957fbf7d950b76fc4ec70af4ba30 /ipaserver/install/dnskeysyncinstance.py | |
parent | a58b77ca9cd3620201306258dd6bd05ea1c73c73 (diff) | |
download | freeipa-7b6bee030dac08807f254fdf58ba867c36cab23d.tar.gz freeipa-7b6bee030dac08807f254fdf58ba867c36cab23d.tar.xz freeipa-7b6bee030dac08807f254fdf58ba867c36cab23d.zip |
ipa-dns-install: use STARTTLS to connect to DS
BindInstance et al. now use STARTTLS to set up secure connection to DS during
ipa-dns-install. This fixes https://fedorahosted.org/freeipa/ticket/4933
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipaserver/install/dnskeysyncinstance.py')
-rw-r--r-- | ipaserver/install/dnskeysyncinstance.py | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/ipaserver/install/dnskeysyncinstance.py b/ipaserver/install/dnskeysyncinstance.py index 090c87505..eb6d07f01 100644 --- a/ipaserver/install/dnskeysyncinstance.py +++ b/ipaserver/install/dnskeysyncinstance.py @@ -62,13 +62,14 @@ def dnssec_container_exists(fqdn, suffix, dm_password=None, ldapi=False, class DNSKeySyncInstance(service.Service): def __init__(self, fstore=None, dm_password=None, logger=root_logger, - ldapi=False): + ldapi=False, start_tls=False): service.Service.__init__( self, "ipa-dnskeysyncd", service_desc="DNS key synchronization service", dm_password=dm_password, - ldapi=ldapi - ) + ldapi=ldapi, + start_tls=start_tls + ) self.dm_password = dm_password self.logger = logger self.extra_config = [u'dnssecVersion 1', ] # DNSSEC enabled |