On pe, 23 elo 2019, lune voo wrote:
Hello Alexander.Thank you for your answer. Do you know if I will have any problem with the certificate to connect to the server ? Generally there is a ca.crt in /etc/ipa/ca.crt, does it need to be included in the virtual environment also ?
See manual page for ipa(1) tool, it documents use of IPA_CONFDIR to specify /etc/ipa location. However, /etc/ipa/ca.crt is not configurable this way, only through ipaplatform.paths.IPA_CA_CRT value. $ python3Python 3.7.4 (default, Jul 9 2019, 16:32:37) [GCC 9.1.1 20190503 (Red Hat 9.1.1-1)] on linux
Type "help", "copyright", "credits" or "license" for more information.
from ipaplatform.paths import paths paths.IPA_CA_CRT
'/etc/ipa/ca.crt'
paths.IPA_CA_CRT="./my.ca.crt" from ipaclient.discovery import IPADiscovery discover = IPADiscovery() discover.search("vda.li", ca_cert_path=paths.IPA_CA_CRT)
0
discover.realm
'VDA.LI'
discover.basedn
ipapython.dn.DN('dc=vda,dc=li')
So, for most of Python code you can redefine paths. But for ipa-join and other binaries you cannot. -- / Alexander Bokovoy Sr. Principal Software Engineer Security / Identity Management Engineering Red Hat Limited, Finland _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
