>From 13c564e106300f19ba59531ebdf3ba90b7b8ef35 Mon Sep 17 00:00:00 2001
From: Thorsten Scherf <tsch...@redhat.com>
Date: Tue, 15 Dec 2015 14:17:26 +0100
Subject: [PATCH] ipa-server-certinstall should not tell certmonger to track
 3rd party certs

There is no point in tracking a 3rd party cert, as it cannot be renewed
automatically.

https://fedorahosted.org/freeipa/ticket/4785
---
 ipaserver/install/ipa_server_certinstall.py | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/ipaserver/install/ipa_server_certinstall.py 
b/ipaserver/install/ipa_server_certinstall.py
index 
ac0b0274e4e36db4ea6fb695afb527e2b83a8c77..b5f317cd6328dbaec694b5eff6230f8a9fe302a7
 100644
--- a/ipaserver/install/ipa_server_certinstall.py
+++ b/ipaserver/install/ipa_server_certinstall.py
@@ -175,9 +175,6 @@ class ServerCertInstall(admintool.AdminTool):
             cdb.import_pkcs12(pkcs12_file.name, pin)
             server_cert = cdb.find_server_certs()[0][0]
 
-            if ca_enabled:
-                cdb.track_server_cert(server_cert, principal, cdb.passwd_fname,
-                                      command)
         except RuntimeError as e:
             raise admintool.ScriptError(str(e))
 
-- 
1.9.3

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to