<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
NACK. Replicate uses the install code, which grabs the local
constants. Need to extend it to use the local constants for a base
install, but the remote constants for the replica installs.<br>
<br>
<br>
On 08/19/2011 01:57 PM, Dmitri Pal wrote:
<blockquote cite="mid:4E4EA415.9010907@redhat.com" type="cite">
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
On 08/19/2011 01:19 PM, Adam Young wrote:
<blockquote cite="mid:4E4E9B34.10309@redhat.com" type="cite">The
complete solution for this patch requires changes in Dogtag that
Ade Lee is working on right now. In order to test, I have
provided a couple of files that I have been using: <br>
<br>
<br>
1. Apply patch, build and install IPA rpms, run
ipaserver-install as per usual. <br>
2. Move the dogtag.conf file into /etc/httpd/conf.d directorys
<br>
3. Run the proxy_dogtag.py script to modify the Dogtag
instance to accept AJP connections from httpd so httpd can act
as a proxy <br>
4. Restart IPA <br>
<br>
<br>
To test: <br>
<br>
1. add a host. <br>
2. Generate a csr: <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://freeipa.org/page/Certificate_Authority#Request_a_certificate">http://freeipa.org/page/Certificate_Authority#Request_a_certificate</a>
<br>
3. request a certificate for the newly added host. <br>
4. Optionally, Revoke the certificate for the host <br>
<br>
</blockquote>
<br>
<br>
Please do not forget to test the proxy test when replica does not
have the CA installed and has to forward the request to the one
that has.<br>
<br>
<blockquote cite="mid:4E4E9B34.10309@redhat.com" type="cite"> <br>
<pre wrap=""><fieldset class="mimeAttachmentHeader"></fieldset>
_______________________________________________
Freeipa-devel mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Freeipa-devel@redhat.com">Freeipa-devel@redhat.com</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-devel">https://www.redhat.com/mailman/listinfo/freeipa-devel</a></pre>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="http://www.redhat.com/carveoutcosts/">www.redhat.com/carveoutcosts/</a>
</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Freeipa-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeipa-devel@redhat.com">Freeipa-devel@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-devel">https://www.redhat.com/mailman/listinfo/freeipa-devel</a></pre>
</blockquote>
<br>
</body>
</html>