Hi,

the attached patch fixes <https://fedorahosted.org/freeipa/ticket/4300>.

Honza

--
Jan Cholasta
>From 7439c75bc2db63ebf2268a02e4972fefbc7d828a Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Tue, 8 Apr 2014 13:12:47 +0200
Subject: [PATCH] Fix upload of CA certificate to LDAP in CA-less install.

https://fedorahosted.org/freeipa/ticket/4300
---
 ipaserver/install/dsinstance.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index be8c5c4..9256c12 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -233,6 +233,7 @@ class DsInstance(service.Service):
         self.domain = domain_name
         self.serverid = None
         self.pkcs12_info = None
+        self.cacert_name = None
         self.ca_is_configured = True
         self.dercert = None
         self.idstart = None
@@ -642,6 +643,8 @@ class DsInstance(service.Service):
                 nickname, self.fqdn, cadb)
             dsdb.create_pin_file()
 
+        self.cacert_name = dsdb.cacert_name
+
         if self.ca_is_configured:
             dsdb.track_server_cert(
                 nickname, self.principal, dsdb.passwd_fname,
@@ -685,7 +688,7 @@ class DsInstance(service.Service):
         certdb = certs.CertDB(self.realm, nssdir=dirname,
                               subject_base=self.subject_base)
 
-        dercert = certdb.get_cert_from_db(certdb.cacert_name, pem=False)
+        dercert = certdb.get_cert_from_db(self.cacert_name, pem=False)
 
         conn = ipaldap.IPAdmin(self.fqdn)
         conn.do_simple_bind(DN(('cn', 'directory manager')), self.dm_password)
-- 
1.8.5.3

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to