diff options
author | Simo Sorce <simo@redhat.com> | 2016-12-22 13:34:34 -0500 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2017-02-15 07:13:37 +0100 |
commit | c2b1b2a36200b50babfda1eca37fb4b51fefa9c6 (patch) | |
tree | 1cd81a044816481796f3fe0f346ac9b3786325bf /ipaserver/install/server/upgrade.py | |
parent | f648c5631afa5e7954eee9a84fb1222d3bce3bf1 (diff) | |
download | freeipa-c2b1b2a36200b50babfda1eca37fb4b51fefa9c6.tar.gz freeipa-c2b1b2a36200b50babfda1eca37fb4b51fefa9c6.tar.xz freeipa-c2b1b2a36200b50babfda1eca37fb4b51fefa9c6.zip |
Always use /etc/ipa/ca.crt as CA cert file
It seem like ALIAS_CACERT_ASC was just a redundant location for the CA
cert file which is always available in /etc/ipa/ca.crt
Just use the canonical CA cert location in /etc/ipa for all cases and
stop creating a separate cacert file.
https://fedorahosted.org/freeipa/ticket/5959
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipaserver/install/server/upgrade.py')
-rw-r--r-- | ipaserver/install/server/upgrade.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py index 549158270..f116e856a 100644 --- a/ipaserver/install/server/upgrade.py +++ b/ipaserver/install/server/upgrade.py @@ -185,7 +185,7 @@ def check_certs(): """Check ca.crt is in the right place, and try to fix if not""" root_logger.info('[Verifying that root certificate is published]') if not os.path.exists(paths.CA_CRT): - ca_file = paths.ALIAS_CACERT_ASC + ca_file = paths.IPA_CA_CRT if os.path.exists(ca_file): old_umask = os.umask(0o22) # make sure its readable by httpd try: |