summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ipaserver/install/ca.py3
-rw-r--r--ipaserver/install/cainstance.py6
2 files changed, 7 insertions, 2 deletions
diff --git a/ipaserver/install/ca.py b/ipaserver/install/ca.py
index a033e233a..10352c9e9 100644
--- a/ipaserver/install/ca.py
+++ b/ipaserver/install/ca.py
@@ -188,7 +188,8 @@ def install_step_0(standalone, replica_config, options):
master_replication_port=master_replication_port,
ra_p12=ra_p12,
ra_only=ra_only,
- promote=promote)
+ promote=promote,
+ use_ldaps=standalone)
def install_step_1(standalone, replica_config, options):
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 97eb39206..9a42d8e01 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -330,7 +330,7 @@ class CAInstance(DogtagInstance):
master_replication_port=None,
subject_base=None, ca_signing_algorithm=None,
ca_type=None, ra_p12=None, ra_only=False,
- promote=False):
+ promote=False, use_ldaps=False):
"""Create a CA instance.
To create a clone, pass in pkcs12_info.
@@ -363,6 +363,7 @@ class CAInstance(DogtagInstance):
else:
self.ca_type = 'generic'
self.no_db_setup = promote
+ self.use_ldaps = use_ldaps
# Determine if we are installing as an externally-signed CA and
# what stage we're in.
@@ -495,6 +496,9 @@ class CAInstance(DogtagInstance):
config.set("CA", "pki_ds_base_dn", self.basedn)
config.set("CA", "pki_ds_database", "ipaca")
+ if self.use_ldaps:
+ self._use_ldaps_during_spawn(config)
+
# Certificate subject DN's
config.set("CA", "pki_subsystem_subject_dn",
str(DN(('cn', 'CA Subsystem'), self.subject_base)))