[Freeipa-devel] [PATCH] 098 stop checking for CA ports
Simo Sorce
simo at redhat.com
Thu Sep 1 14:12:57 UTC 2011
On Thu, 2011-09-01 at 10:07 -0400, Rob Crittenden wrote:
> Simo Sorce wrote:
> > On Thu, 2011-09-01 at 08:21 -0400, Simo Sorce wrote:
> >> On Thu, 2011-09-01 at 08:10 -0400, Simo Sorce wrote:
> >>> On Wed, 2011-08-31 at 23:51 -0400, Rob Crittenden wrote:
> >>>> Simo Sorce wrote:
> >>>>> We use the new proxy code for dogtag now, so we do not need to open all
> >>>>> the CA ports as all connections go through the standard https port.
> >>>>>
> >>>>> Fixes https://fedorahosted.org/freeipa/ticket/1745
> >>>>>
> >>>>> Simo.
> >>>>
> >>>> nack. dogtag replication still takes place over 7389.
> >>>
> >>> Ouch, I am so glad we have a review process :-)
> >>
> >> New patch.
> >
> > After a quick convo with Rob on IRC I added a few ports that we should
> > always test.
> > 80/443 is also necessary for CA replication but they are always checked
> > anyway because it is a basic services that should always be available.
> >
> > Simo.
> >
>
> ACK
Pushed to master and 2.1
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list