summaryrefslogtreecommitdiffstats
path: root/ipaserver/install/plugins
diff options
context:
space:
mode:
authorJan Cholasta <jcholast@redhat.com>2017-02-16 11:13:13 +0100
committerJan Cholasta <jcholast@redhat.com>2017-02-20 13:00:50 +0000
commit97e838e10da3b42e3605d230e0b8e01b9148876f (patch)
tree6158e278206a6e66d976a40a49a39624e9f5ea02 /ipaserver/install/plugins
parentba8a10fbdb39cab672038e1a6dc9c7507070cdf9 (diff)
downloadfreeipa-97e838e10da3b42e3605d230e0b8e01b9148876f.tar.gz
freeipa-97e838e10da3b42e3605d230e0b8e01b9148876f.tar.xz
freeipa-97e838e10da3b42e3605d230e0b8e01b9148876f.zip
server upgrade: fix upgrade from pre-4.0
update_ca_renewal_master uses ipaCert certmonger tracking information to decide whether the local server is the CA renewal master or not. The information is lost when migrating from /etc/httpd/alias to /var/lib/ipa/radb in update_ra_cert_store. Make sure update_ra_cert_store is executed after update_ca_renewal_master so that correct information is used. https://fedorahosted.org/freeipa/ticket/5959 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
Diffstat (limited to 'ipaserver/install/plugins')
-rw-r--r--ipaserver/install/plugins/ca_renewal_master.py2
1 files changed, 1 insertions, 1 deletions
diff --git a/ipaserver/install/plugins/ca_renewal_master.py b/ipaserver/install/plugins/ca_renewal_master.py
index 4fa4edb12..2447a3406 100644
--- a/ipaserver/install/plugins/ca_renewal_master.py
+++ b/ipaserver/install/plugins/ca_renewal_master.py
@@ -74,7 +74,7 @@ class update_ca_renewal_master(Updater):
return False, []
criteria = {
- 'cert-database': paths.IPA_RADB_DIR,
+ 'cert-database': paths.HTTPD_ALIAS_DIR,
'cert-nickname': 'ipaCert',
}
request_id = certmonger.get_request_id(criteria)
generated by cgit (git 2.34.1) at 2026-01-06 05:05:31 +0000