URL:
https://github.com/freeipa/freeipa/pull/4896
Author: frasertweedale
Title: #4896: certupdate: only add LWCA tracking requests on CA servers
Action: opened
PR body:
"""
ipa-certupdate throws an exception when executed on a non-CA server
in a CA-ful deployment with lightweight sub-CAs (LWCAs). Check that
we are on a CA server before attempting to create Certmonger
tracking requests for LWCAs.
HOW TO TEST
1. Install first server (with CA)
2. Install replica without CA
3. Create sub-CA (`ipa ca-add`)
4. Run `ipa-certupdate` on replica. Observe that no stack trace is
produced.
Fixes:
https://pagure.io/freeipa/issue/8399
"""
To pull the PR as Git branch:
git remote add ghfreeipa
https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/4896/head:pr4896
git checkout pr4896