diff options
-rw-r--r-- | ipaserver/install/cainstance.py | 4 | ||||
-rw-r--r-- | ipaserver/install/server/replicainstall.py | 8 |
2 files changed, 8 insertions, 4 deletions
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 692cac00f..8378aea47 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -1344,12 +1344,8 @@ class CAInstance(DogtagInstance): self.step("setting audit signing renewal to 2 years", self.set_audit_renewal) - self.step("configure certmonger for renewals", - self.configure_certmonger_renewal) self.step("configure certificate renewals", self.configure_renewal) - self.step("configure RA certificate renewal", - self.configure_agent_renewal) self.step("configure Server-Cert certificate renewal", self.track_servercert) self.step("Configure HTTP to proxy connections", diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index 311f0e577..1d5b528c8 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -1316,6 +1316,14 @@ def promote(installer): installer._ca_enabled) custodia.create_replica(config.master_host_name) + if installer._ca_enabled: + CA = cainstance.CAInstance(config.realm_name, certs.NSS_DIR) + + CA.configure_certmonger_renewal() + CA.configure_agent_renewal() + cainstance.export_kra_agent_pem() + CA.fix_ra_perms() + krb = install_krb(config, setup_pkinit=not options.no_pkinit, promote=True) |