From ba071e757dc3b38b524af0212ec1a6a1b0208d83 Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Mon, 20 Apr 2015 23:20:19 -0400 Subject: Install CA with LDAP profiles backend Install the Dogtag CA to use the LDAPProfileSubsystem instead of the default (file-based) ProfileSubsystem. Part of: https://fedorahosted.org/freeipa/ticket/4560 Reviewed-By: Martin Basti --- freeipa.spec.in | 6 +++--- ipaserver/install/cainstance.py | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/freeipa.spec.in b/freeipa.spec.in index 09dd66eec..2f2592349 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -92,7 +92,7 @@ BuildRequires: python-backports-ssl_match_hostname BuildRequires: softhsm-devel >= 2.0.0b1-3 BuildRequires: openssl-devel BuildRequires: p11-kit-devel -BuildRequires: pki-base >= 10.2.1-0.1 +BuildRequires: pki-base >= 10.2.4-1 BuildRequires: python-pytest-multihost >= 0.5 BuildRequires: python-pytest-sourceorder @@ -135,8 +135,8 @@ Requires(post): systemd-units Requires: selinux-policy >= %{selinux_policy_version} Requires(post): selinux-policy-base Requires: slapi-nis >= 0.54.2-1 -Requires: pki-ca >= 10.2.1-0.2 -Requires: pki-kra >= 10.2.1-0.1 +Requires: pki-ca >= 10.2.4-1 +Requires: pki-kra >= 10.2.4-1 Requires(preun): python systemd-units Requires(postun): python systemd-units Requires: python-dns >= 1.11.1 diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 513394068..030c9f12d 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -503,6 +503,7 @@ class CAInstance(DogtagInstance): config.set("CA", "pki_restart_configured_instance", "False") config.set("CA", "pki_backup_keys", "True") config.set("CA", "pki_backup_password", self.admin_password) + config.set("CA", "pki_profiles_in_ldap", "True") # Client security database config.set("CA", "pki_client_database_dir", self.agent_db) -- cgit