On Mon, 22 Nov 2010 13:34:57 -0500 Simo Sorce <sso...@redhat.com> wrote:
> > Fixes #527 > > Simo. > A copy&paste from ipa-server-install was a bit too optimistic. Attached a new patch that actually works (tested). Simo. -- Simo Sorce * Red Hat, Inc * New York
>From ee86bee78184bf7a647243492dfcd1a97e402545 Mon Sep 17 00:00:00 2001 From: Simo Sorce <sso...@redhat.com> Date: Mon, 22 Nov 2010 13:29:56 -0500 Subject: [PATCH] Make pkinit setup optional in ipa-replica-prepare too. Fixes: https://fedorahosted.org/freeipa/ticket/527 --- install/tools/ipa-replica-prepare | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/install/tools/ipa-replica-prepare b/install/tools/ipa-replica-prepare index af768015510f47eacfd7643359216a9f49497020..d70741f1a1208ca6a2a1a6cad4d09ae4962b8040 100755 --- a/install/tools/ipa-replica-prepare +++ b/install/tools/ipa-replica-prepare @@ -242,6 +242,11 @@ def main(): api.bootstrap(in_server=True) api.finalize() + #Automatically disable pkinit w/ dogtag until that is supported + #[certs.ipa_self_signed() must be called only after api.finalize()] + if not options.pkinit_pkcs12 and not certs.ipa_self_signed(): + options.setup_pkinit = False + if options.ip_address: if not bindinstance.dns_container_exists(api.env.host, api.env.realm): print "You can't add a DNS record because DNS is not set up." -- 1.7.3.2
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
