|
 |
f65af0 |
From 44ec2e641c809afbed96bcde2a31388a37a7ec32 Mon Sep 17 00:00:00 2001
|
|
|
979ee0 |
From: Rob Crittenden <rcritten@redhat.com>
|
|
|
979ee0 |
Date: Fri, 6 Jul 2018 09:26:19 -0400
|
|
|
979ee0 |
Subject: [PATCH] replicainstall: DS SSL replica install pick right certmonger
|
|
|
979ee0 |
host
|
|
|
979ee0 |
|
|
|
979ee0 |
Extend fix 0f31564b35aac250456233f98730811560eda664 to also move
|
|
|
979ee0 |
the DS SSL setup so that the xmlrpc_uri is configured to point
|
|
|
979ee0 |
to the remote master we are configuring against.
|
|
|
979ee0 |
|
|
|
979ee0 |
https://pagure.io/freeipa/issue/7566
|
|
|
979ee0 |
|
|
|
979ee0 |
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
|
|
|
f65af0 |
Reviewed-By: Christian Heimes <cheimes@redhat.com>
|
|
|
979ee0 |
---
|
|
|
979ee0 |
ipaserver/install/server/replicainstall.py | 14 +++++++-------
|
|
|
979ee0 |
1 file changed, 7 insertions(+), 7 deletions(-)
|
|
|
979ee0 |
|
|
|
979ee0 |
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
|
|
|
f65af0 |
index 387d4ca85d9ad41db3ce2d9bc2ae67ba11836ada..542e1d4d145f266d6fd9ad8e0eaffcb12e8f6bc6 100644
|
|
|
979ee0 |
--- a/ipaserver/install/server/replicainstall.py
|
|
|
979ee0 |
+++ b/ipaserver/install/server/replicainstall.py
|
|
|
f65af0 |
@@ -1448,15 +1448,12 @@ def install(installer):
|
|
|
979ee0 |
pkcs12_info=pkinit_pkcs12_info,
|
|
|
979ee0 |
promote=promote)
|
|
|
979ee0 |
|
|
|
979ee0 |
- # we now need to enable ssl on the ds
|
|
|
979ee0 |
- ds.enable_ssl()
|
|
|
979ee0 |
-
|
|
|
979ee0 |
if promote:
|
|
|
979ee0 |
# We need to point to the master when certmonger asks for
|
|
|
979ee0 |
- # HTTP certificate.
|
|
|
979ee0 |
- # During http installation, the HTTP/hostname principal is created
|
|
|
979ee0 |
- # locally then the installer waits for the entry to appear on the
|
|
|
979ee0 |
- # master selected for the installation.
|
|
|
979ee0 |
+ # a DS or HTTP certificate.
|
|
|
979ee0 |
+ # During http installation, the <service>/hostname principal is
|
|
|
979ee0 |
+ # created locally then the installer waits for the entry to appear
|
|
|
979ee0 |
+ # on the master selected for the installation.
|
|
|
979ee0 |
# In a later step, the installer requests a SSL certificate through
|
|
|
979ee0 |
# Certmonger (and the op adds the principal if it does not exist yet).
|
|
|
979ee0 |
# If xmlrpc_uri points to the soon-to-be replica,
|
|
|
f65af0 |
@@ -1470,6 +1467,9 @@ def install(installer):
|
|
|
979ee0 |
create_ipa_conf(fstore, config, ca_enabled,
|
|
|
979ee0 |
master=config.master_host_name)
|
|
|
979ee0 |
|
|
|
979ee0 |
+ # we now need to enable ssl on the ds
|
|
|
979ee0 |
+ ds.enable_ssl()
|
|
|
979ee0 |
+
|
|
|
979ee0 |
install_http(
|
|
|
979ee0 |
config,
|
|
|
979ee0 |
auto_redirect=not options.no_ui_redirect,
|
|
|
979ee0 |
--
|
|
|
979ee0 |
2.17.1
|
|
|
979ee0 |
|