[Freeipa-devel] [PATCH] 433-434 Remove mod_ssl conflict
Martin Kosek
mkosek at redhat.com
Fri Oct 25 08:31:49 UTC 2013
Since mod_nss-1.0.8-24, mod_nss and mod_ssl can co-exist on one
machine (of course, when listening to different ports).
To make sure that mod_ssl is not configured to listen on 443
(default mod_ssl configuration), add a check to the installer checking
of either mod_nss or mod_ssl was configured to listen on that port.
https://fedorahosted.org/freeipa/ticket/3974
TO TEST:
1. Install newest mod_nss:
F19: http://koji.fedoraproject.org/koji/buildinfo?buildID=473624
2. Install patched freeipa
3. Install mod_ssl
4. Update /etc/httpd/conf.d/ssl.conf to not listen on 443, but rather on 10443
or others
5. "setenforce 0" to allow httpd listen on that port
6. ipa-server-install
The server should now listen on both 443 with mod_nss and 10443 with mod_ssl.
CLI and Web UI should continue to work, as well as cert operations like
"cert-show 1" - cert operations would not work if new mod_nss is not updated.
Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkosek-433-make-set_directive-and-get_directive-more-strict.patch
Type: text/x-patch
Size: 1594 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131025/7d7d486e/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkosek-434-remove-mod_ssl-conflict.patch
Type: text/x-patch
Size: 7334 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131025/7d7d486e/attachment-0001.bin>
More information about the Freeipa-devel
mailing list