URL: https://github.com/freeipa/freeipa/pull/371 Author: frasertweedale Title: #371: Set up DS TLS on replica in CA-less topology Action: opened
PR body: """ Fixes: https://fedorahosted.org/freeipa/ticket/6226 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/371/head:pr371 git checkout pr371
From 23bfb40e4037d9c14077cd3d472cf69f008e5c0a Mon Sep 17 00:00:00 2001 From: Fraser Tweedale <ftwee...@redhat.com> Date: Tue, 20 Dec 2016 23:29:22 +1000 Subject: [PATCH] Set up DS TLS on replica in CA-less topology Fixes: https://fedorahosted.org/freeipa/ticket/6226 --- ipaserver/install/dsinstance.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 26cd246..1d3ae2e 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -393,7 +393,9 @@ def create_replica(self, realm_name, master_fqdn, fqdn, if self.promote: self.step("creating DS keytab", self.__get_ds_keytab) - if self.ca_is_configured: + if self.pkcs12_info: + self.step("configuring ssl for ds instance", self.__enable_ssl) + else: self.step("retrieving DS Certificate", self.__get_ds_cert) self.step("restarting directory server", self.__restart_instance)
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code