|
 |
2737e7 |
From ab325034a6d837cc51db2aa029498fa222e9d4e7 Mon Sep 17 00:00:00 2001
|
|
|
2737e7 |
From: Rob Crittenden <rcritten@redhat.com>
|
|
|
2737e7 |
Date: Fri, 6 Jul 2018 09:26:19 -0400
|
|
|
2737e7 |
Subject: [PATCH] replicainstall: DS SSL replica install pick right certmonger
|
|
|
2737e7 |
host
|
|
|
2737e7 |
|
|
|
2737e7 |
Extend fix 0f31564b35aac250456233f98730811560eda664 to also move
|
|
|
2737e7 |
the DS SSL setup so that the xmlrpc_uri is configured to point
|
|
|
2737e7 |
to the remote master we are configuring against.
|
|
|
2737e7 |
|
|
|
2737e7 |
https://pagure.io/freeipa/issue/7566
|
|
|
2737e7 |
|
|
|
2737e7 |
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
|
|
|
2737e7 |
Reviewed-By: Tibor Dudlak <tdudlak@redhat.com>
|
|
|
2737e7 |
---
|
|
|
2737e7 |
ipaserver/install/server/replicainstall.py | 14 +++++++-------
|
|
|
2737e7 |
1 file changed, 7 insertions(+), 7 deletions(-)
|
|
|
2737e7 |
|
|
|
2737e7 |
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
|
|
|
2737e7 |
index 59fec452c674b9941ce731748dd63985a08fefc0..a47412e39b9e2c603206c56a935de17321c71e91 100644
|
|
|
2737e7 |
--- a/ipaserver/install/server/replicainstall.py
|
|
|
2737e7 |
+++ b/ipaserver/install/server/replicainstall.py
|
|
|
2737e7 |
@@ -1444,15 +1444,12 @@ def install(installer):
|
|
|
2737e7 |
pkcs12_info=pkinit_pkcs12_info,
|
|
|
2737e7 |
promote=promote)
|
|
|
2737e7 |
|
|
|
2737e7 |
- # we now need to enable ssl on the ds
|
|
|
2737e7 |
- ds.enable_ssl()
|
|
|
2737e7 |
-
|
|
|
2737e7 |
if promote:
|
|
|
2737e7 |
# We need to point to the master when certmonger asks for
|
|
|
2737e7 |
- # HTTP certificate.
|
|
|
2737e7 |
- # During http installation, the HTTP/hostname principal is created
|
|
|
2737e7 |
- # locally then the installer waits for the entry to appear on the
|
|
|
2737e7 |
- # master selected for the installation.
|
|
|
2737e7 |
+ # a DS or HTTP certificate.
|
|
|
2737e7 |
+ # During http installation, the <service>/hostname principal is
|
|
|
2737e7 |
+ # created locally then the installer waits for the entry to appear
|
|
|
2737e7 |
+ # on the master selected for the installation.
|
|
|
2737e7 |
# In a later step, the installer requests a SSL certificate through
|
|
|
2737e7 |
# Certmonger (and the op adds the principal if it does not exist yet).
|
|
|
2737e7 |
# If xmlrpc_uri points to the soon-to-be replica,
|
|
|
2737e7 |
@@ -1466,6 +1463,9 @@ def install(installer):
|
|
|
2737e7 |
create_ipa_conf(fstore, config, ca_enabled,
|
|
|
2737e7 |
master=config.master_host_name)
|
|
|
2737e7 |
|
|
|
2737e7 |
+ # we now need to enable ssl on the ds
|
|
|
2737e7 |
+ ds.enable_ssl()
|
|
|
2737e7 |
+
|
|
|
2737e7 |
install_http(
|
|
|
2737e7 |
config,
|
|
|
2737e7 |
auto_redirect=not options.no_ui_redirect,
|
|
|
2737e7 |
--
|
|
|
2737e7 |
2.17.1
|
|
|
2737e7 |
|