URL: https://github.com/freeipa/freeipa/pull/355
Author: frasertweedale
 Title: #355: Set up DS TLS on replica in CA-less topology
Action: synchronized

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/355/head:pr355
git checkout pr355
From 34ca89d344c623432dfec1bb04f4776cd9546eb6 Mon Sep 17 00:00:00 2001
From: Fraser Tweedale <ftwee...@redhat.com>
Date: Tue, 20 Dec 2016 23:29:22 +1000
Subject: [PATCH] Set up DS TLS on replica in CA-less topology

Fixes: https://fedorahosted.org/freeipa/ticket/6226
---
 ipaserver/install/dsinstance.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index bcfcb05..2ac1041 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -390,7 +390,9 @@ def create_replica(self, realm_name, master_fqdn, fqdn,
 
         self.step("creating DS keytab", self._request_service_keytab)
         if self.promote:
-            if self.ca_is_configured:
+            if self.pkcs12_info:
+                self.step("configuring ssl for ds instance", self.__enable_ssl)
+            else:
                 self.step("retrieving DS Certificate", self.__get_ds_cert)
             self.step("restarting directory server", self.__restart_instance)
 
-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to