pgreco / rpms / ipa

Forked from forks/areguera/rpms/ipa 4 years ago
Clone

Blame SOURCES/0139-Make-httpd-publish-its-CA-certificate-on-DL1.patch

fef02c
From 3ea5984f2806958dee1b94fe993d20b09f64b107 Mon Sep 17 00:00:00 2001
fef02c
From: Stanislav Laznicka <slaznick@redhat.com>
fef02c
Date: Tue, 11 Oct 2016 15:48:47 +0200
fef02c
Subject: [PATCH] Make httpd publish its CA certificate on DL1
fef02c
fef02c
httpd did not publish its certificate on DL1 which could
fef02c
cause issues during client installation in a rare corner
fef02c
case where there would be no way of getting the certificate
fef02c
but from a HTTP instance.
fef02c
fef02c
https://fedorahosted.org/freeipa/ticket/6393
fef02c
fef02c
Reviewed-By: Martin Basti <mbasti@redhat.com>
fef02c
---
fef02c
 ipaserver/install/httpinstance.py | 3 +--
fef02c
 1 file changed, 1 insertion(+), 2 deletions(-)
fef02c
fef02c
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
fef02c
index 00f890175ae583f485797da6f913a7f83b302df3..431671eaf55d4ac63dc01190e254931dac096dec 100644
fef02c
--- a/ipaserver/install/httpinstance.py
fef02c
+++ b/ipaserver/install/httpinstance.py
fef02c
@@ -175,8 +175,7 @@ class HTTPInstance(service.Service):
fef02c
         self.step("importing CA certificates from LDAP", self.__import_ca_certs)
fef02c
         if autoconfig:
fef02c
             self.step("setting up browser autoconfig", self.__setup_autoconfig)
fef02c
-        if not self.promote:
fef02c
-            self.step("publish CA cert", self.__publish_ca_cert)
fef02c
+        self.step("publish CA cert", self.__publish_ca_cert)
fef02c
         self.step("clean up any existing httpd ccache", self.remove_httpd_ccache)
fef02c
         self.step("configuring SELinux for httpd", self.configure_selinux_for_httpd)
fef02c
         if not self.is_kdcproxy_configured():
fef02c
-- 
fef02c
2.10.2
fef02c