On Tue, 2013-10-15 at 11:37 +0200, Martin Basti wrote: > Added warning if cert. exists (client) > > https://fedorahosted.org/freeipa/ticket/3944 > _______________________________________________ > Freeipa-devel mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-devel
Supress warning if user select /etc/ipa/ca.crt manually with --ca-cert-file option -- Martin Basti
>From 129183b1d8237eca61bd9219d7c44a84e1747cce Mon Sep 17 00:00:00 2001 From: Martin Basti <[email protected]> Date: Tue, 15 Oct 2013 11:31:49 +0200 Subject: [PATCH] Added warning if cert '/etc/ipa/ca.cert' exists https://fedorahosted.org/freeipa/ticket/3944 --- ipa-client/ipa-install/ipa-client-install | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index 3c78c844b17468f347ef04198d58a12b11e4b4cb..00a45a8929783d3e0f71171a6a149f5633396f53 100755 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -1889,6 +1889,12 @@ def install(options, env, fstore, statestore): root_logger.warning("Option 'force-join' has no additional effect " "when used with together with option 'keytab'.") + # Check if old certificate exist and show warning + if not options.ca_cert_file and get_cert_path(options.ca_cert_file) == CACERT: + root_logger.warning("Certificate '%s' exists and will be used. " + "Make sure that certificate is valid (or remove it), " + "otherwise client will not be able to join.", CACERT) + # Create the discovery instance ds = ipadiscovery.IPADiscovery() -- 1.8.3.1
_______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
