URL: https://github.com/freeipa/freeipa/pull/291 Author: jcholast Title: #291: replica install: track the RA agent certificate again Action: opened
PR body: """ During the rebase of commit 822e1bc82af3a6c1556546c4fbe96eeafad45762 on top of commit 808b1436b4158cb6f926ac2b5bd0979df6ea7e9f, the call to track the RA agent certificate with certmonger was accidentally removed from ipa-replica-install. Put the call back so that the certificate is tracked after replica install. https://fedorahosted.org/freeipa/ticket/6392 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/291/head:pr291 git checkout pr291
From 0de63c3588c09bde309a409ba57fd7778663850a Mon Sep 17 00:00:00 2001 From: Jan Cholasta <jchol...@redhat.com> Date: Wed, 30 Nov 2016 12:25:24 +0100 Subject: [PATCH] replica install: track the RA agent certificate again During the rebase of commit 822e1bc82af3a6c1556546c4fbe96eeafad45762 on top of commit 808b1436b4158cb6f926ac2b5bd0979df6ea7e9f, the call to track the RA agent certificate with certmonger was accidentally removed from ipa-replica-install. Put the call back so that the certificate is tracked after replica install. https://fedorahosted.org/freeipa/ticket/6392 --- ipaserver/install/cainstance.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 1aa6b8d..6b2b272 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -647,7 +647,7 @@ def enable_pkix(self): 'NSS_ENABLE_PKIX_VERIFY', '1', quotes=False, separator='=') - def import_ra_cert(self, rafile, configure_renewal=True): + def import_ra_cert(self, rafile): """ Cloned RAs will use the same RA agent cert as the master so we need to import from a PKCS#12 file. @@ -663,11 +663,15 @@ def import_ra_cert(self, rafile, configure_renewal=True): finally: os.remove(agent_name) + self.configure_agent_renewal() + def __import_ra_key(self): custodia = custodiainstance.CustodiaInstance(host_name=self.fqdn, realm=self.realm) custodia.import_ra_key(self.master_host) + self.configure_agent_renewal() + def __create_ca_agent(self): """ Create CA agent, assign a certificate, and add the user to
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code