diff options
author | Rob Crittenden <rcritten@redhat.com> | 2010-03-10 11:02:50 -0500 |
---|---|---|
committer | Jason Gerard DeRose <jderose@redhat.com> | 2010-03-19 04:41:05 -0600 |
commit | 99cb2fe64a4d6969178544601cb5ba694e65132b (patch) | |
tree | 5c4d1921d2ad5f3c6d4d449439a5d6cf840d45dd /install/tools/ipa-server-certinstall | |
parent | 00f27fe8c965590624847967ae85167f01fa5307 (diff) | |
download | freeipa-99cb2fe64a4d6969178544601cb5ba694e65132b.tar.gz freeipa-99cb2fe64a4d6969178544601cb5ba694e65132b.tar.xz freeipa-99cb2fe64a4d6969178544601cb5ba694e65132b.zip |
Initialize the api so imports work, trust all CAs included in the PKCS#12.
Diffstat (limited to 'install/tools/ipa-server-certinstall')
-rwxr-xr-x | install/tools/ipa-server-certinstall | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/install/tools/ipa-server-certinstall b/install/tools/ipa-server-certinstall index 6ba073dd3..d02dbbbae 100755 --- a/install/tools/ipa-server-certinstall +++ b/install/tools/ipa-server-certinstall @@ -31,6 +31,7 @@ from ipapython.ipautil import user_input from ipaserver import ipaldap from ipaserver.install import certs, dsinstance, httpinstance, installutils +from ipalib import api def get_realm_name(): c = krbV.default_context() @@ -100,6 +101,7 @@ def import_cert(dirname, pkcs12_fname, pkcs12_passwd, db_password): try: try: cdb.import_pkcs12(pkcs12_fname, pw_name) + ca_names = cdb.find_root_cert_from_pkcs12(pkcs12_fname, pw_name) except RuntimeError, e: print str(e) sys.exit(1) @@ -115,13 +117,19 @@ def import_cert(dirname, pkcs12_fname, pkcs12_passwd, db_password): else: server_cert = choose_server_cert(server_certs) - cdb.trust_root_cert(server_cert[0]) + for ca in ca_names: + cdb.trust_root_cert(ca) return server_cert def main(): options, pkcs12_fname = parse_options() + cfg = dict(in_server=True,) + + api.bootstrap(**cfg) + api.finalize() + try: if options.dirsrv: dm_password = getpass.getpass("Directory Manager password: ") |