diff options
author | Jan Cholasta <jcholast@redhat.com> | 2015-08-18 12:51:26 +0200 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2015-08-18 16:24:19 +0200 |
commit | ff1e66375c8fd7ac036220b0f6d5cf206fa36a6a (patch) | |
tree | 1ba467eaf8c660dc0a3af77b23c36058e850338a /ipaserver/install/server | |
parent | 31776755b47f44f894e4f2bb256aca1c5262b8a8 (diff) | |
download | freeipa-ff1e66375c8fd7ac036220b0f6d5cf206fa36a6a.tar.gz freeipa-ff1e66375c8fd7ac036220b0f6d5cf206fa36a6a.tar.xz freeipa-ff1e66375c8fd7ac036220b0f6d5cf206fa36a6a.zip |
install: Fix replica install with custom certificates
https://fedorahosted.org/freeipa/ticket/5226
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
Diffstat (limited to 'ipaserver/install/server')
-rw-r--r-- | ipaserver/install/server/replicainstall.py | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index ac0f6a32c..664a0baa0 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -573,14 +573,15 @@ def install(installer): otpd.create_instance('OTPD', config.host_name, config.dirman_password, ipautil.realm_to_suffix(config.realm_name)) - CA = cainstance.CAInstance( - config.realm_name, certs.NSS_DIR, - dogtag_constants=dogtag_constants) - CA.dm_password = config.dirman_password - - CA.configure_certmonger_renewal() - CA.import_ra_cert(config.dir + "/ra.p12") - CA.fix_ra_perms() + if ipautil.file_exists(config.dir + "/cacert.p12"): + CA = cainstance.CAInstance( + config.realm_name, certs.NSS_DIR, + dogtag_constants=dogtag_constants) + CA.dm_password = config.dirman_password + + CA.configure_certmonger_renewal() + CA.import_ra_cert(config.dir + "/ra.p12") + CA.fix_ra_perms() # The DS instance is created before the keytab, add the SSL cert we # generated |