From 6b894f28b5ac07fff3863cc4fec6b9a2383b615e Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: May 16 2024 12:46:32 +0000 Subject: After installing a KRA, copy the updated token to other machines This can be eventually squashed into the main "test" patch but keeping it separate to make it easier to see what has happened. Signed-off-by: Rob Crittenden Reviewed-By: Florence Blanc-Renaud --- diff --git a/ipatests/test_integration/test_hsm.py b/ipatests/test_integration/test_hsm.py index 66003ef..a12dacf 100644 --- a/ipatests/test_integration/test_hsm.py +++ b/ipatests/test_integration/test_hsm.py @@ -611,6 +611,16 @@ class TestHSMExternalToSelfSignedCA(IntegrationTest): tasks.install_kra(self.master, first_instance=True, token_password=self.token_password) + # Copy the new KRA key material to the other server(s). + serialdir, token_files = find_softhsm_token_files( + self.master, self.token_name + ) + for server in (self.replicas[0],): + tasks.copy_files(self.master, server, token_files) + server.run_command( + ['chown', '-R', 'pkiuser:pkiuser', serialdir] + ) + def test_hsm_external_to_self_signed_ca(self): check_version(self.master) self.master.run_command([paths.IPA_CACERT_MANAGE, 'renew',