[Freeipa-devel] [PATCH] 161 Use configured dogtag LDAP port instead of default one when renewing certs
Jan Cholasta
jcholast at redhat.com
Thu Aug 29 14:41:56 UTC 2013
On 29.8.2013 16:32, Jan Cholasta wrote:
> On 23.7.2013 18:26, Jan Cholasta wrote:
>> On 22.7.2013 17:40, Simo Sorce wrote:
>>> On Mon, 2013-07-22 at 17:36 +0200, Jan Cholasta wrote:
>>>> if nickname == 'subsystemCert cert-pki-ca':
>>>> - update_people_entry('pkidbuser', cert)
>>>> + update_people_entry(dogtag_uri, 'pkidbuser', cert)
>>>>
>>>>
>>> This is probably wrong, there is no pkidbuser in old instances.
>>>
>>> My subsystemCert has a subject of "CN=CA Subsystem,O=REALM" and this
>>> cert is associated to an object named:
>>> uid=CA-<sevrver-name>-9443,ou=people,o=ipaca
>>>
>>> I think you need to search the db to find the right object(s) to update.
>>
>> Right. Updated patch attached.
>>
>> Honza
>>
>
> Rebased on top of current master & ipa-3-1.
>
... and now with the correct patches attached.
--
Jan Cholasta
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-161.3-Fix-certificate-renewal-scripts-to-work-with-separat.patch
Type: text/x-patch
Size: 5872 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20130829/8c5dfd9b/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-161.3-Fix-certificate-renewal-scripts-to-work-with-separat-ipa-3-1.patch
Type: text/x-patch
Size: 6053 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20130829/8c5dfd9b/attachment-0001.bin>
More information about the Freeipa-devel
mailing list