[Freeipa-devel] [PATCH] 094 Fix self-signed replica installation

Thu, 14 Jul 2011 05:12:21 -0700 

When a replica for self-signed server is being installed, the
installer crashes with "Not a dogtag CA installation". Make sure
that installation is handled correctly for both dogtag and
self-signed replicas.

https://fedorahosted.org/freeipa/ticket/1479


>From 30b0ef2e61207a5accff0017061bc5c3cc91e4e7 Mon Sep 17 00:00:00 2001
From: Martin Kosek <mko...@redhat.com>
Date: Thu, 14 Jul 2011 14:09:53 +0200
Subject: [PATCH] Fix self-signed replica installation

When a replica for self-signed server is being installed, the
installer crashes with "Not a dogtag CA installation". Make sure
that installation is handled correctly for both dogtag and
self-signed replicas.

https://fedorahosted.org/freeipa/ticket/1479
---
 install/tools/ipa-ca-install    |    4 ++++
 ipaserver/install/cainstance.py |    4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install
index edd8f4cfda6db4bd8fad98023fe9b5f1a76fb593..e6adae057b1e8ce6161833e3678e5447fe75d1be 100755
--- a/install/tools/ipa-ca-install
+++ b/install/tools/ipa-ca-install
@@ -134,6 +134,10 @@ def main():
     # Configure the CA if necessary
     (CA, cs) = cainstance.install_replica_ca(config, postinstall=True)
 
+    if not CA:
+        # not a dogtag CA replica
+        sys.exit("Not a dogtag CA installation!")
+
     # We need to ldap_enable the CA now that DS is up and running
     CA.ldap_enable('CA', config.host_name, config.dirman_password,
                    util.realm_to_suffix(config.realm_name))
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 4ace26db5a99afda26cfd023887eb71f48c69d55..fbc566a289487580beec9c1cef64160338b25afb 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -1109,8 +1109,8 @@ def install_replica_ca(config, postinstall=False):
     cafile = config.dir + "/cacert.p12"
 
     if not ipautil.file_exists(cafile):
-        # not a dogtag CA replica
-        sys.exit('Not a dogtag CA installation')
+        # self-signed replica
+        return (None, None)
 
     if not config.setup_ca:
         # We aren't configuring the CA in this step but we still need
-- 
1.7.6


_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to