[Freeipa-devel] [PATCH] 098 stop checking for CA ports
Simo Sorce
simo at redhat.com
Thu Sep 1 12:34:53 UTC 2011
On Thu, 2011-09-01 at 08:21 -0400, Simo Sorce wrote:
> On Thu, 2011-09-01 at 08:10 -0400, Simo Sorce wrote:
> > On Wed, 2011-08-31 at 23:51 -0400, Rob Crittenden wrote:
> > > Simo Sorce wrote:
> > > > We use the new proxy code for dogtag now, so we do not need to open all
> > > > the CA ports as all connections go through the standard https port.
> > > >
> > > > Fixes https://fedorahosted.org/freeipa/ticket/1745
> > > >
> > > > Simo.
> > >
> > > nack. dogtag replication still takes place over 7389.
> >
> > Ouch, I am so glad we have a review process :-)
>
> New patch.
After a quick convo with Rob on IRC I added a few ports that we should
always test.
80/443 is also necessary for CA replication but they are always checked
anyway because it is a basic services that should always be available.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-simo-0098-3-conncheck-No-need-to-check-for-CA-ports-anymore.patch
Type: text/x-patch
Size: 1340 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20110901/78e83fcd/attachment.bin>
More information about the Freeipa-devel
mailing list