Use shared realm certificate file name to allow syncrepl to work

pull/1/head
Timothy Pearson 12 years ago
parent a512090138
commit bac7789f94

@ -3823,9 +3823,9 @@ int LDAPManager::generatePublicKerberosCertificate(LDAPCertConfig certinfo, LDAP
TQString kdc_certfile = KERBEROS_PKI_KDC_FILE; TQString kdc_certfile = KERBEROS_PKI_KDC_FILE;
TQString kdc_keyfile = KERBEROS_PKI_KDCKEY_FILE; TQString kdc_keyfile = KERBEROS_PKI_KDCKEY_FILE;
TQString kdc_reqfile = KERBEROS_PKI_KDCREQ_FILE; TQString kdc_reqfile = KERBEROS_PKI_KDCREQ_FILE;
kdc_certfile.replace("@@@KDCSERVER@@@", realmcfg.kdc); kdc_certfile.replace("@@@KDCSERVER@@@", realmcfg.name.lower());
kdc_keyfile.replace("@@@KDCSERVER@@@", realmcfg.kdc); kdc_keyfile.replace("@@@KDCSERVER@@@", realmcfg.name.lower());
kdc_reqfile.replace("@@@KDCSERVER@@@", realmcfg.kdc); kdc_reqfile.replace("@@@KDCSERVER@@@", realmcfg.name.lower());
command = TQString("openssl req -new -out %1 -key %2 -subj \"/C=%3/ST=%4/L=%5/O=%6/OU=%7/CN=%8/emailAddress=%9\"").arg(kdc_reqfile).arg(kdc_keyfile).arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(certinfo.commonName).arg(certinfo.emailAddress); command = TQString("openssl req -new -out %1 -key %2 -subj \"/C=%3/ST=%4/L=%5/O=%6/OU=%7/CN=%8/emailAddress=%9\"").arg(kdc_reqfile).arg(kdc_keyfile).arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(certinfo.commonName).arg(certinfo.emailAddress);
if (system(command) < 0) { if (system(command) < 0) {
@ -3861,9 +3861,9 @@ int LDAPManager::generatePublicLDAPCertificate(LDAPCertConfig certinfo, LDAPReal
TQString ldap_certfile = LDAP_CERT_FILE; TQString ldap_certfile = LDAP_CERT_FILE;
TQString ldap_keyfile = LDAP_CERTKEY_FILE; TQString ldap_keyfile = LDAP_CERTKEY_FILE;
TQString ldap_reqfile = LDAP_CERTREQ_FILE; TQString ldap_reqfile = LDAP_CERTREQ_FILE;
ldap_certfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server); ldap_certfile.replace("@@@ADMINSERVER@@@", realmcfg.name.lower());
ldap_keyfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server); ldap_keyfile.replace("@@@ADMINSERVER@@@", realmcfg.name.lower());
ldap_reqfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server); ldap_reqfile.replace("@@@ADMINSERVER@@@", realmcfg.name.lower());
command = TQString("openssl req -new -out %1 -key %2 -subj \"/C=%3/ST=%4/L=%5/O=%6/OU=%7/CN=%8/emailAddress=%9\"").arg(ldap_reqfile).arg(ldap_keyfile).arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(realmcfg.admin_server).arg(certinfo.emailAddress); command = TQString("openssl req -new -out %1 -key %2 -subj \"/C=%3/ST=%4/L=%5/O=%6/OU=%7/CN=%8/emailAddress=%9\"").arg(ldap_reqfile).arg(ldap_keyfile).arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(realmcfg.admin_server).arg(certinfo.emailAddress);
if (system(command) < 0) { if (system(command) < 0) {

Loading…
Cancel
Save