From 88ec82165561af0d14ec07a82f37156c5d2fa0da Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Thu, 8 Jan 2015 16:01:42 +0000
Subject: [PATCH] Fix CA certificate renewal syslog alert
https://fedorahosted.org/freeipa/ticket/4820
Reviewed-By: David Kupka <dkupka@redhat.com>
---
install/certmonger/dogtag-ipa-ca-renew-agent-submit | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/install/certmonger/dogtag-ipa-ca-renew-agent-submit b/install/certmonger/dogtag-ipa-ca-renew-agent-submit
index c63c0c2c5f863e05cafad293a60d9157c732e7ad..3c6e8175c337f65046f8631f4393aecfbf207f4d 100755
--- a/install/certmonger/dogtag-ipa-ca-renew-agent-submit
+++ b/install/certmonger/dogtag-ipa-ca-renew-agent-submit
@@ -403,7 +403,7 @@ def renew_ca_cert():
if state == 'retrieve':
result = call_handler(retrieve_cert)
- if result[0] == WAIT_WITH_DELAY and not is_self_signed:
+ if result[0] == REJECTED and not is_self_signed:
syslog.syslog(syslog.LOG_ALERT,
"IPA CA certificate is about to expire, "
"use ipa-cacert-manage to renew it")
--
2.1.0