From 80e815191a388f647744e0a1fc7339f1a80be928 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: May 06 2013 11:37:31 +0000
Subject: Specify the location for the agent PKCS#12 file so we don't have to move it.


Dogtag 10.0.2 changed the default location for this file from /root/.pki
to /root/.dogtag which broke our install.

https://fedorahosted.org/freeipa/ticket/3599

---

diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 01e784f..666df48 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -663,6 +663,7 @@ class CAInstance(service.Service):
         config.set("CA", "pki_admin_nickname", "ipa-ca-agent")
         config.set("CA", "pki_admin_subject_dn",
             str(DN(('cn', 'ipa-ca-agent'), self.subject_base)))
+        config.set("CA", "pki_client_admin_cert_p12", "/root/ca-agent.p12")
 
         # Directory server
         config.set("CA", "pki_ds_ldap_port", str(self.ds_port))
@@ -749,9 +750,6 @@ class CAInstance(service.Service):
             print "ipa-server-install --external_cert_file=/path/to/signed_certificate --external_ca_file=/path/to/external_ca_certificate"
             sys.exit(0)
         else:
-            if not self.clone:
-                shutil.move("/root/.pki/pki-tomcat/ca_admin_cert.p12", \
-                            "/root/ca-agent.p12")
             shutil.move("/var/lib/pki/pki-tomcat/alias/ca_backup_keys.p12", \
                         "/root/cacert.p12")