| |
@@ -54,11 +54,11 @@
|
| |
(ldap.MOD_REPLACE, 'nsslapd-ssl-check-hostname', 'off'),
|
| |
(ldap.MOD_REPLACE, 'nsslapd-secureport', ldapsport)])
|
| |
|
| |
- server.rsa.create(properties={'objectclass': "top nsEncryptionModule".split(),
|
| |
- 'cn': 'RSA',
|
| |
- 'nsSSLPersonalitySSL': mycert,
|
| |
- 'nsSSLToken': 'internal (software)',
|
| |
- 'nsSSLActivation': 'on'})
|
| |
+ server.rsa.ensure_state(properties={'objectclass': "top nsEncryptionModule".split(),
|
| |
+ 'cn': 'RSA',
|
| |
+ 'nsSSLPersonalitySSL': mycert,
|
| |
+ 'nsSSLToken': 'internal (software)',
|
| |
+ 'nsSSLActivation': 'on'})
|
| |
|
| |
|
| |
def check_pems(confdir, mycacert, myservercert, myserverkey, notexist):
|
| |
@@ -126,6 +126,12 @@
|
| |
def create_keys_certs(topology_m2):
|
| |
log.info("\n######################### Creating SSL Keys and Certs ######################\n")
|
| |
|
| |
+ for inst in topology_m2:
|
| |
+ log.info("##### Ensure that nsslapd-extract-pemfiles is 'off' on {}".format(inst.serverid))
|
| |
+ inst.config.set('nsslapd-extract-pemfiles', 'off')
|
| |
+ log.info("##### restart {}".format(inst.serverid))
|
| |
+ inst.restart()
|
| |
+
|
| |
global m1confdir
|
| |
m1confdir = topology_m2.ms["master1"].confdir
|
| |
global m2confdir
|
| |
Description: Mark conflict resolution test cases as 'xfail' (ds49591).
Fix SASL test. Fix Python 3 bytes issues in ds-replcheck tool.
Roll back a part of the PBKDF2_SHA256 schema fix because upgrade fails
without this part of the code.
https://pagure.io/389-ds-base/issue/49761
Reviewed by: ?