diff options
-rw-r--r-- | ipaserver/install/ca.py | 3 | ||||
-rw-r--r-- | ipaserver/install/cainstance.py | 6 |
2 files changed, 7 insertions, 2 deletions
diff --git a/ipaserver/install/ca.py b/ipaserver/install/ca.py index a033e233a..10352c9e9 100644 --- a/ipaserver/install/ca.py +++ b/ipaserver/install/ca.py @@ -188,7 +188,8 @@ def install_step_0(standalone, replica_config, options): master_replication_port=master_replication_port, ra_p12=ra_p12, ra_only=ra_only, - promote=promote) + promote=promote, + use_ldaps=standalone) def install_step_1(standalone, replica_config, options): diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 97eb39206..9a42d8e01 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -330,7 +330,7 @@ class CAInstance(DogtagInstance): master_replication_port=None, subject_base=None, ca_signing_algorithm=None, ca_type=None, ra_p12=None, ra_only=False, - promote=False): + promote=False, use_ldaps=False): """Create a CA instance. To create a clone, pass in pkcs12_info. @@ -363,6 +363,7 @@ class CAInstance(DogtagInstance): else: self.ca_type = 'generic' self.no_db_setup = promote + self.use_ldaps = use_ldaps # Determine if we are installing as an externally-signed CA and # what stage we're in. @@ -495,6 +496,9 @@ class CAInstance(DogtagInstance): config.set("CA", "pki_ds_base_dn", self.basedn) config.set("CA", "pki_ds_database", "ipaca") + if self.use_ldaps: + self._use_ldaps_during_spawn(config) + # Certificate subject DN's config.set("CA", "pki_subsystem_subject_dn", str(DN(('cn', 'CA Subsystem'), self.subject_base))) |