From d6300dca285acaad296f6271421c23999e3c1071 Mon Sep 17 00:00:00 2001 From: Tomas Krizek Date: Nov 14 2016 17:01:04 +0000 Subject: cainstance: use correct certificate for replica install check Incorrect certificate file extension caused DL0 replica install to fail. https://fedorahosted.org/freeipa/ticket/6461 Reviewed-By: Florence Blanc-Renaud --- diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 4953ff7..c7a117d 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -1301,7 +1301,7 @@ def replica_ca_install_check(config, promote): with ipaldap.LDAPClient( ca_ldap_url, start_tls=True, - cacert=config.dir + "/ca.cer", + cacert=config.dir + "/ca.crt", force_schema_updates=False) as connection: connection.simple_bind(bind_dn=ipaldap.DIRMAN_DN, bind_password=config.dirman_password)