On 08/19/2011 01:19 PM, Adam Young wrote:
The
complete solution for this patch requires changes in Dogtag that
Ade Lee is working on right now. In order to test, I have
provided a couple of files that I have been using:
1. Apply patch, build and install IPA rpms, run
ipaserver-install as per usual.
2. Move the dogtag.conf file into /etc/httpd/conf.d directorys
3. Run the proxy_dogtag.py script to modify the Dogtag
instance to accept AJP connections from httpd so httpd can act
as a proxy
4. Restart IPA
To test:
1. add a host.
2. Generate a csr: http://freeipa.org/page/Certificate_Authority#Request_a_certificate
3. request a certificate for the newly added host.
4. Optionally, Revoke the certificate for the host
Please do not forget to test the proxy test when replica does not
have the CA installed and has to forward the request to the one
that has.
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel