def install(replica_config, options, dm_password):
subject = dsinstance.DsInstance().find_subject_base()
if replica_config is None:
kra = krainstance.KRAInstance(
api.env.realm,
dogtag_constants=dogtag.install_constants)
kra.configure_instance(
api.env.host, api.env.domain, dm_password,
dm_password, subject_base=subject)
else:
kra = krainstance.install_replica_kra(replica_config)
service.print_msg("Restarting the directory server")
ds = dsinstance.DsInstance()
ds.restart()
kra.enable_client_auth_to_db(kra.dogtag_constants.KRA_CS_CFG_PATH)
# Update config file
parser = RawConfigParser()
parser.read(paths.IPA_DEFAULT_CONF)
parser.set('global', 'enable_kra', 'True')
with open(paths.IPA_DEFAULT_CONF, 'w') as f:
parser.write(f)
def _run(self):
super(KRAInstaller, self).run()
print dedent(self.INSTALLER_START_MESSAGE)
subject = dsinstance.DsInstance().find_subject_base()
if not self.installing_replica:
kra = krainstance.KRAInstance(
api.env.realm,
dogtag_constants=dogtag.install_constants)
kra.configure_instance(
api.env.host, api.env.domain, self.options.password,
self.options.password, subject_base=subject)
else:
replica_config = create_replica_config(
self.options.password,
self.replica_file,
self.options)
if not read_replica_info_kra_enabled(replica_config.dir):
raise admintool.ScriptError(
"Either KRA is not installed on the master system or "
"your replica file is out of date"
)
kra = krainstance.install_replica_kra(replica_config)
service.print_msg("Restarting the directory server")
ds = dsinstance.DsInstance()
ds.restart()
kra.enable_client_auth_to_db(kra.dogtag_constants.KRA_CS_CFG_PATH)
# Restart apache for new proxy config file
services.knownservices.httpd.restart(capture_output=True)
# Update config file
parser = RawConfigParser()
parser.read(paths.IPA_DEFAULT_CONF)
parser.set('global', 'enable_kra', 'True')
with open(paths.IPA_DEFAULT_CONF, 'w') as f:
parser.write(f)
def _run(self):
super(KRAInstaller, self).run()
print dedent(self.INSTALLER_START_MESSAGE)
subject = dsinstance.DsInstance().find_subject_base()
if not self.installing_replica:
kra = krainstance.KRAInstance(
api.env.realm, dogtag_constants=dogtag.install_constants)
kra.configure_instance(api.env.host,
api.env.domain,
self.options.password,
self.options.password,
subject_base=subject)
else:
replica_config = create_replica_config(self.options.password,
self.replica_file,
self.options)
if not read_replica_info_kra_enabled(replica_config.dir):
raise admintool.ScriptError(
"Either KRA is not installed on the master system or "
"your replica file is out of date")
kra = krainstance.install_replica_kra(replica_config)
service.print_msg("Restarting the directory server")
ds = dsinstance.DsInstance()
ds.restart()
kra.enable_client_auth_to_db(kra.dogtag_constants.KRA_CS_CFG_PATH)
# Restart apache for new proxy config file
services.knownservices.httpd.restart(capture_output=True)
# Update config file
parser = RawConfigParser()
parser.read(paths.IPA_DEFAULT_CONF)
parser.set('global', 'enable_kra', 'True')
with open(paths.IPA_DEFAULT_CONF, 'w') as f:
parser.write(f)
def install(api, replica_config, options):
subject = dsinstance.DsInstance().find_subject_base()
if replica_config is None:
kra = krainstance.KRAInstance(
api.env.realm,
dogtag_constants=dogtag.install_constants)
kra.configure_instance(
api.env.realm, api.env.host, api.env.domain, options.dm_password,
options.dm_password, subject_base=subject)
else:
kra = krainstance.install_replica_kra(replica_config)
service.print_msg("Restarting the directory server")
ds = dsinstance.DsInstance()
ds.restart()
kra.ldap_enable('KRA', api.env.host, options.dm_password, api.env.basedn)
kra.enable_client_auth_to_db(kra.dogtag_constants.KRA_CS_CFG_PATH)
def install(api, replica_config, options):
subject = dsinstance.DsInstance().find_subject_base()
if replica_config is None:
kra = krainstance.KRAInstance(api.env.realm)
kra.configure_instance(api.env.realm,
api.env.host,
options.dm_password,
options.dm_password,
subject_base=subject)
else:
if options.promote:
ca_data = (os.path.join(replica_config.dir, 'kracert.p12'),
replica_config.dirman_password)
custodia = custodiainstance.CustodiaInstance(
replica_config.host_name, replica_config.realm_name)
custodia.get_kra_keys(replica_config.kra_host_name, ca_data[0],
ca_data[1])
kra = krainstance.KRAInstance(replica_config.realm_name)
kra.configure_replica(replica_config.host_name,
replica_config.kra_host_name,
replica_config.dirman_password,
kra_cert_bundle=ca_data)
return
else:
kra = krainstance.install_replica_kra(replica_config)
service.print_msg("Restarting the directory server")
ds = dsinstance.DsInstance()
ds.restart()
kra.ldap_enable('KRA', api.env.host, options.dm_password, api.env.basedn)
kra.enable_client_auth_to_db(paths.KRA_CS_CFG_PATH)
# Restart apache for new proxy config file
services.knownservices.httpd.restart(capture_output=True)
def install(api, replica_config, options):
subject = dsinstance.DsInstance().find_subject_base()
if replica_config is None:
kra = krainstance.KRAInstance(api.env.realm)
kra.configure_instance(
api.env.realm, api.env.host, options.dm_password,
options.dm_password, subject_base=subject)
else:
if options.promote:
ca_data = (os.path.join(replica_config.dir, 'kracert.p12'),
replica_config.dirman_password)
custodia = custodiainstance.CustodiaInstance(
replica_config.host_name, replica_config.realm_name)
custodia.get_kra_keys(replica_config.kra_host_name,
ca_data[0], ca_data[1])
kra = krainstance.KRAInstance(replica_config.realm_name)
kra.configure_replica(replica_config.host_name,
replica_config.kra_host_name,
replica_config.dirman_password,
kra_cert_bundle=ca_data)
return
else:
kra = krainstance.install_replica_kra(replica_config)
service.print_msg("Restarting the directory server")
ds = dsinstance.DsInstance()
ds.restart()
kra.ldap_enable('KRA', api.env.host, options.dm_password, api.env.basedn)
kra.enable_client_auth_to_db(paths.KRA_CS_CFG_PATH)
# Restart apache for new proxy config file
services.knownservices.httpd.restart(capture_output=True)
