ipaserver: Properly set settings related to pkcs12 files

Use and generation of dirsrv_pkcs12_info, http_pkcs12_info and pkinit_pkcs12_info has been fixed in: - ipaserver_setup_ds - ipaserver_setup_http - ipaserver_test
2026-05-14 13:32:10 +00:00 · 2019-07-17 19:39:43 +02:00
parent 03688da522
commit f9066fa55b
4 changed files with 11 additions and 3 deletions
--- a/roles/ipaserver/library/ipaserver_setup_ds.py
+++ b/roles/ipaserver/library/ipaserver_setup_ds.py
@@ -82,6 +82,7 @@ def main():
            dirsrv_config_file=dict(required=False),
            ### ssl certificate ###
            dirsrv_cert_files=dict(required=False, type='list', default=[]),
+            _dirsrv_pkcs12_info=dict(required=False),
            ### certificate system ###
            external_cert_files=dict(required=False, type='list', default=[]),
            subject_base=dict(required=False),
@@ -108,6 +109,8 @@ def main():
    options.no_pkinit = ansible_module.params.get('no_pkinit')
    options.no_hbac_allow = ansible_module.params.get('no_hbac_allow')
    options.dirsrv_config_file = ansible_module.params.get('dirsrv_config_file')
+    options._dirsrv_pkcs12_info = ansible_module.params.get(
+        '_dirsrv_pkcs12_info')
    ### ssl certificate ###
    options.dirsrv_cert_files = ansible_module.params.get('dirsrv_cert_files')
    ### certificate system ###
--- a/roles/ipaserver/library/ipaserver_setup_http.py
+++ b/roles/ipaserver/library/ipaserver_setup_http.py
@@ -97,6 +97,7 @@ def main():

            #_update_hosts_file=dict(required=False, type='bool', default=False),
            _dirsrv_pkcs12_info=dict(required=False),
+            _http_pkcs12_info=dict(required=False),
        ),
    )

@@ -146,6 +147,8 @@ def main():
    #options._update_hosts_file = ansible_module.params.get('_update_hosts_file')
    options._dirsrv_pkcs12_info = ansible_module.params.get(
        '_dirsrv_pkcs12_info')
+    options._http_pkcs12_info = ansible_module.params.get(
+        '_http_pkcs12_info')

    # init ##################################################################

--- a/roles/ipaserver/library/ipaserver_test.py
+++ b/roles/ipaserver/library/ipaserver_test.py
@@ -821,7 +821,7 @@ def main():
            key_nickname=options.http_cert_name,
            ca_cert_files=options.ca_cert_files,
            host_name=host_name)
-        http_pkcs12_info = (http_pkcs12_file.name, options.http_pin)
+        http_pkcs12_info = (http_pkcs12_file.name, http_pin)

    if options.dirsrv_cert_files:
        if options.dirsrv_pin is None:
@@ -833,7 +833,7 @@ def main():
            key_nickname=options.dirsrv_cert_name,
            ca_cert_files=options.ca_cert_files,
            host_name=host_name)
-        dirsrv_pkcs12_info = (dirsrv_pkcs12_file.name, options.dirsrv_pin)
+        dirsrv_pkcs12_info = (dirsrv_pkcs12_file.name, dirsrv_pin)

    if options.pkinit_cert_files:
        if options.pkinit_pin is None:
@@ -845,7 +845,7 @@ def main():
            key_nickname=options.pkinit_cert_name,
            ca_cert_files=options.ca_cert_files,
            realm_name=realm_name)
-        pkinit_pkcs12_info = (pkinit_pkcs12_file.name, options.pkinit_pin)
+        pkinit_pkcs12_info = (pkinit_pkcs12_file.name, pkinit_pin)

    if (options.http_cert_files and options.dirsrv_cert_files and
        http_ca_cert != dirsrv_ca_cert):