internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-05-08 22:34:26 +00:00
Code Issues Projects Releases Wiki Activity

ipareplica_krb_enable_ssl: Initialize krb.pkcs12_info and krb.master_fqdn

Browse Source 
These two settings are not set using the krb.init_info method, but used in
krb.enable_ssl.

The configuration of PKINIT fails in IPA 4.7.0 because of the issue
https://pagure.io/freeipa/issue/7655 where auto detection of the
master is not properly working. With the missing setting of krb.master_fqdn
the not workint auto detection has been triggered, which resulted in
failed PKINIT enablement.
This commit is contained in:
Thomas Woerner
2019-06-25 15:52:54 +02:00
parent 5d881a9bf3
commit 5afd889023
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
roles/ipareplica/library/ipareplica_krb_enable_ssl.py
View File

@@ -133,6 +133,8 @@ def main():
krb.init_info(api.env.realm, api.env.host,
setup_pkinit=not options.no_pkinit,
subject_base=options.subject_base)
krb.pkcs12_info = options._pkinit_pkcs12_info
krb.master_fqdn = master_host_name
ansible_log.debug("-- KRB ENABLE_SSL --")