From bac7789f9458b01c3508d930e6b21eba852d057b Mon Sep 17 00:00:00 2001 From: Timothy Pearson Date: Thu, 11 Jul 2013 15:39:24 +0000 Subject: [PATCH] Use shared realm certificate file name to allow syncrepl to work --- src/libtdeldap.cpp | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp index 18b0782..0b9a264 100644 --- a/src/libtdeldap.cpp +++ b/src/libtdeldap.cpp @@ -3823,9 +3823,9 @@ int LDAPManager::generatePublicKerberosCertificate(LDAPCertConfig certinfo, LDAP TQString kdc_certfile = KERBEROS_PKI_KDC_FILE; TQString kdc_keyfile = KERBEROS_PKI_KDCKEY_FILE; TQString kdc_reqfile = KERBEROS_PKI_KDCREQ_FILE; - kdc_certfile.replace("@@@KDCSERVER@@@", realmcfg.kdc); - kdc_keyfile.replace("@@@KDCSERVER@@@", realmcfg.kdc); - kdc_reqfile.replace("@@@KDCSERVER@@@", realmcfg.kdc); + kdc_certfile.replace("@@@KDCSERVER@@@", realmcfg.name.lower()); + kdc_keyfile.replace("@@@KDCSERVER@@@", realmcfg.name.lower()); + kdc_reqfile.replace("@@@KDCSERVER@@@", realmcfg.name.lower()); command = TQString("openssl req -new -out %1 -key %2 -subj \"/C=%3/ST=%4/L=%5/O=%6/OU=%7/CN=%8/emailAddress=%9\"").arg(kdc_reqfile).arg(kdc_keyfile).arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(certinfo.commonName).arg(certinfo.emailAddress); if (system(command) < 0) { @@ -3861,9 +3861,9 @@ int LDAPManager::generatePublicLDAPCertificate(LDAPCertConfig certinfo, LDAPReal TQString ldap_certfile = LDAP_CERT_FILE; TQString ldap_keyfile = LDAP_CERTKEY_FILE; TQString ldap_reqfile = LDAP_CERTREQ_FILE; - ldap_certfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server); - ldap_keyfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server); - ldap_reqfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server); + ldap_certfile.replace("@@@ADMINSERVER@@@", realmcfg.name.lower()); + ldap_keyfile.replace("@@@ADMINSERVER@@@", realmcfg.name.lower()); + ldap_reqfile.replace("@@@ADMINSERVER@@@", realmcfg.name.lower()); command = TQString("openssl req -new -out %1 -key %2 -subj \"/C=%3/ST=%4/L=%5/O=%6/OU=%7/CN=%8/emailAddress=%9\"").arg(ldap_reqfile).arg(ldap_keyfile).arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(realmcfg.admin_server).arg(certinfo.emailAddress); if (system(command) < 0) {