ef39e1b upgrade: remove ipaCert and key from /etc/httpd/alias

3 files Authored by frenaud 4 years ago, Committed by abbra 4 years ago,
    upgrade: remove ipaCert and key from /etc/httpd/alias
    
    With ipa 4.5+, the RA cert is stored in files in
    /var/lib/ipa/ra-agent.{key|pem}. The upgrade code handles
    the move from /etc/httpd/alias to the files but does not remove
    the private key from /etc/httpd/alias.
    
    The fix calls certutil -F -n ipaCert to remove cert and key,
    instead of -D -n ipaCert which removes only the cert.
    
    Fixes: https://pagure.io/freeipa/issue/7329
    Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
    
        
file modified
+26 -0