freeipa

Clone
Source Code
GIT

854d305 Handle missing LWCA certificate or chain

Authored and Committed by ftweedal 4 years ago
raw patch tree parent
3 files changed. 68 lines added. 17 lines removed.
ipaclient/plugins/ca.py
file modified
+15 -4
ipalib/messages.py
file modified
+9 -0
ipaserver/plugins/ca.py
file modified
+44 -13 
    Handle missing LWCA certificate or chain
    
    If lightweight CA key replication has not completed, requests for
    the certificate or chain will return 404**.  This can occur in
    normal operation, and should be a temporary condition.  Detect this
    case and handle it by simply omitting the 'certificate' and/or
    'certificate_out' fields in the response, and add a warning message
    to the response.
    
    Also update the client-side plugin that handles the
    --certificate-out option.  Because the CLI will automatically print
    the warning message, if the expected field is missing from the
    response, just ignore it and continue processing.
    
    ** after the Dogtag NullPointerException gets fixed!
    
    Part of: https://pagure.io/freeipa/issue/7964
    
    Reviewed-By: Christian Heimes <cheimes@redhat.com>
    Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
file modified
+15 -4
file modified
+9 -0
file modified
+44 -13
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.