URL: https://github.com/freeipa/freeipa/pull/690 Author: stlaz Title: #690: server-install: remove broken no-pkinit check Action: opened
PR body: """ Don't check for no-pkinit option in case pkinit cert file was provided. Setting no-pkinit is prohibited in this case, so without this fix we have an impossible option-check if we want to provide an own pkinit certificate and private key. https://pagure.io/freeipa/issue/6807 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/690/head:pr690 git checkout pr690
From 1eac866d04d804a77bded2e8768d4125f555c8a9 Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka <slazn...@redhat.com> Date: Tue, 4 Apr 2017 10:41:23 +0200 Subject: [PATCH] server-install: remove broken no-pkinit check Don't check for no-pkinit option in case pkinit cert file was provided. Setting no-pkinit is prohibited in this case, so without this fix we have an impossible option-check if we want to provide an own pkinit certificate and private key. https://pagure.io/freeipa/issue/6807 --- ipaserver/install/server/install.py | 5 ----- 1 file changed, 5 deletions(-) diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py index d7eb0bf..714b86f 100644 --- a/ipaserver/install/server/install.py +++ b/ipaserver/install/server/install.py @@ -513,11 +513,6 @@ def install_check(installer): dirsrv_pkcs12_info = (dirsrv_pkcs12_file.name, dirsrv_pin) if options.pkinit_cert_files: - if not options.no_pkinit: - raise ScriptError("Cannot create KDC PKINIT certificate and use " - "provided external PKINIT certificate at the " - "same time. Please choose one of them.") - if options.pkinit_pin is None: options.pkinit_pin = read_password( "Enter Kerberos KDC private key unlock",
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
