From bac7789f9458b01c3508d930e6b21eba852d057b Mon Sep 17 00:00:00 2001
From: Timothy Pearson <kb9vqf@pearsoncomputing.net>
Date: Thu, 11 Jul 2013 15:39:24 +0000
Subject: [PATCH] Use shared realm certificate file name to allow syncrepl to
 work

---
 src/libtdeldap.cpp | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index 18b0782..0b9a264 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -3823,9 +3823,9 @@ int LDAPManager::generatePublicKerberosCertificate(LDAPCertConfig certinfo, LDAP
 	TQString kdc_certfile = KERBEROS_PKI_KDC_FILE;
 	TQString kdc_keyfile = KERBEROS_PKI_KDCKEY_FILE;
 	TQString kdc_reqfile = KERBEROS_PKI_KDCREQ_FILE;
-	kdc_certfile.replace("@@@KDCSERVER@@@", realmcfg.kdc);
-	kdc_keyfile.replace("@@@KDCSERVER@@@", realmcfg.kdc);
-	kdc_reqfile.replace("@@@KDCSERVER@@@", realmcfg.kdc);
+	kdc_certfile.replace("@@@KDCSERVER@@@", realmcfg.name.lower());
+	kdc_keyfile.replace("@@@KDCSERVER@@@", realmcfg.name.lower());
+	kdc_reqfile.replace("@@@KDCSERVER@@@", realmcfg.name.lower());
 
 	command = TQString("openssl req -new -out %1 -key %2 -subj \"/C=%3/ST=%4/L=%5/O=%6/OU=%7/CN=%8/emailAddress=%9\"").arg(kdc_reqfile).arg(kdc_keyfile).arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(certinfo.commonName).arg(certinfo.emailAddress);
 	if (system(command) < 0) {
@@ -3861,9 +3861,9 @@ int LDAPManager::generatePublicLDAPCertificate(LDAPCertConfig certinfo, LDAPReal
 	TQString ldap_certfile = LDAP_CERT_FILE;
 	TQString ldap_keyfile = LDAP_CERTKEY_FILE;
 	TQString ldap_reqfile = LDAP_CERTREQ_FILE;
-	ldap_certfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server);
-	ldap_keyfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server);
-	ldap_reqfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server);
+	ldap_certfile.replace("@@@ADMINSERVER@@@", realmcfg.name.lower());
+	ldap_keyfile.replace("@@@ADMINSERVER@@@", realmcfg.name.lower());
+	ldap_reqfile.replace("@@@ADMINSERVER@@@", realmcfg.name.lower());
 
 	command = TQString("openssl req -new -out %1 -key %2 -subj \"/C=%3/ST=%4/L=%5/O=%6/OU=%7/CN=%8/emailAddress=%9\"").arg(ldap_reqfile).arg(ldap_keyfile).arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(realmcfg.admin_server).arg(certinfo.emailAddress);
 	if (system(command) < 0) {