URL: https://github.com/freeipa/freeipa/pull/355 Author: frasertweedale Title: #355: Set up DS TLS on replica in CA-less topology Action: synchronized
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/355/head:pr355 git checkout pr355
From 34ca89d344c623432dfec1bb04f4776cd9546eb6 Mon Sep 17 00:00:00 2001 From: Fraser Tweedale <ftwee...@redhat.com> Date: Tue, 20 Dec 2016 23:29:22 +1000 Subject: [PATCH] Set up DS TLS on replica in CA-less topology Fixes: https://fedorahosted.org/freeipa/ticket/6226 --- ipaserver/install/dsinstance.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index bcfcb05..2ac1041 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -390,7 +390,9 @@ def create_replica(self, realm_name, master_fqdn, fqdn, self.step("creating DS keytab", self._request_service_keytab) if self.promote: - if self.ca_is_configured: + if self.pkcs12_info: + self.step("configuring ssl for ds instance", self.__enable_ssl) + else: self.step("retrieving DS Certificate", self.__get_ds_cert) self.step("restarting directory server", self.__restart_instance)
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
