|
 |
e3ffab |
From 90fde5a437f23cac0534f66bc3564c9c676010ab Mon Sep 17 00:00:00 2001
|
|
|
e3ffab |
From: Jan Cholasta <jcholast@redhat.com>
|
|
|
e3ffab |
Date: Wed, 3 Dec 2014 07:43:15 +0000
|
|
|
e3ffab |
Subject: [PATCH] Fix automatic CA cert renewal endless loop in
|
|
|
e3ffab |
dogtag-ipa-ca-renew-agent
|
|
|
e3ffab |
|
|
|
e3ffab |
Reset profile name after requesting the CA cert from Dogtag to prevent the
|
|
|
e3ffab |
automatic renewal request from being restarted in subsequent calls.
|
|
|
e3ffab |
|
|
|
e3ffab |
https://fedorahosted.org/freeipa/ticket/4765
|
|
|
e3ffab |
|
|
|
e3ffab |
Reviewed-By: David Kupka <dkupka@redhat.com>
|
|
|
e3ffab |
---
|
|
|
e3ffab |
install/certmonger/dogtag-ipa-ca-renew-agent-submit | 2 ++
|
|
|
e3ffab |
1 file changed, 2 insertions(+)
|
|
|
e3ffab |
|
|
|
e3ffab |
diff --git a/install/certmonger/dogtag-ipa-ca-renew-agent-submit b/install/certmonger/dogtag-ipa-ca-renew-agent-submit
|
|
|
e3ffab |
index 0a2cff148810e4800c02121afc68911c221d34d7..e0dd33fda6036ed2fb003a89c35eacb1784a5e25 100755
|
|
|
e3ffab |
--- a/install/certmonger/dogtag-ipa-ca-renew-agent-submit
|
|
|
e3ffab |
+++ b/install/certmonger/dogtag-ipa-ca-renew-agent-submit
|
|
|
e3ffab |
@@ -408,8 +408,10 @@ def renew_ca_cert():
|
|
|
e3ffab |
"IPA CA certificate is about to expire, "
|
|
|
e3ffab |
"use ipa-cacert-manage to renew it")
|
|
|
e3ffab |
elif state == 'request':
|
|
|
e3ffab |
+ profile = os.environ['CERTMONGER_CA_PROFILE']
|
|
|
e3ffab |
os.environ['CERTMONGER_CA_PROFILE'] = 'caCACert'
|
|
|
e3ffab |
result = call_handler(request_and_store_cert)
|
|
|
e3ffab |
+ os.environ['CERTMONGER_CA_PROFILE'] = profile
|
|
|
e3ffab |
|
|
|
e3ffab |
if result[0] == WAIT:
|
|
|
e3ffab |
return (result[0], '%s:%s' % (state, result[1]))
|
|
|
e3ffab |
--
|
|
|
e3ffab |
2.1.0
|
|
|
e3ffab |
|