From 6b2b9ea7871d61b270a0ee6f5fc47e97bf3a57fb Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Mon, 15 Jun 2020 09:48:02 +0200
Subject: [PATCH] ipaserver/library/ipaserver_setup_ca.py: Fix bug introduced
 with ca-less PR

The ca-less PR introduced a bug when http_ca_cert is not set. The test
for loading the certificate is testing for None, but the string will only
be empty in this case.

Related: #298 (Install server and replicas without CA)
---
 roles/ipaserver/library/ipaserver_setup_ca.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/ipaserver/library/ipaserver_setup_ca.py b/roles/ipaserver/library/ipaserver_setup_ca.py
index 6a5cfcce..53a3633a 100644
--- a/roles/ipaserver/library/ipaserver_setup_ca.py
+++ b/roles/ipaserver/library/ipaserver_setup_ca.py
@@ -265,7 +265,7 @@ def main():
     # additional
     options.domainlevel = ansible_module.params.get('domainlevel')
     options._http_ca_cert = ansible_module.params.get('_http_ca_cert')
-    if options._http_ca_cert is not None:
+    if options._http_ca_cert:
         options._http_ca_cert = decode_certificate(options._http_ca_cert)
 
     # init #################################################################
-- 
GitLab