rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0088-ext.-CA-correctly-write-the-cert-chain.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   483b06d68cbb3facb2f1fcff4d857d3e3233a2e0
  2.   SOURCES
  3.   0088-ext.-CA-correctly-write-the-cert-chain.patch
Blob History Raw
483b06 
From 3ee73ed6d739a9d89dadd78f37388e8cfdba143b Mon Sep 17 00:00:00 2001
483b06 
From: Stanislav Laznicka <slaznick@redhat.com>
483b06 
Date: Tue, 18 Apr 2017 17:17:48 +0200
483b06 
Subject: [PATCH] ext. CA: correctly write the cert chain
483b06
483b06 
The cert file would have been rewritten all over again with
483b06 
any of the cert in the CA cert chain without this patch.
483b06
483b06 
https://pagure.io/freeipa/issue/6872
483b06
483b06 
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
483b06 
---
483b06 
 ipaserver/install/cainstance.py | 5 +++--
483b06 
 1 file changed, 3 insertions(+), 2 deletions(-)
483b06
483b06 
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
483b06 
index ac5d9e2fc633c5ad732670245b72bee0f03268a6..e2070e39f7e162fcff6e1f8cca41218e440b5f58 100644
483b06 
--- a/ipaserver/install/cainstance.py
483b06 
+++ b/ipaserver/install/cainstance.py
483b06 
@@ -783,9 +783,10 @@ class CAInstance(DogtagInstance):
483b06 
         certlist = x509.pkcs7_to_pems(data, x509.DER)
483b06
483b06 
         # We have all the certificates in certlist, write them to a PEM file
483b06 
-        for cert in certlist:
483b06 
-            with open(paths.IPA_CA_CRT, 'w') as ipaca_pem:
483b06 
+        with open(paths.IPA_CA_CRT, 'w') as ipaca_pem:
483b06 
+            for cert in certlist:
483b06 
                 ipaca_pem.write(cert)
483b06 
+                ipaca_pem.write('\n')
483b06
483b06 
     def __request_ra_certificate(self):
483b06 
         # create a temp file storing the pwd
483b06 
--
483b06 
2.12.2
483b06

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation