[Freeipa-users] Certificate error when modifying/deleting a host
Adam Young
ayoung at redhat.com
Tue Sep 27 23:55:30 UTC 2011
Siggi,
This is my comment in the ticket:
https://fedorahosted.org/freeipa/ticket/1889
We are working on a tool in the PKI project that will perform these
steps in an automated fashion.
There are three files that need to be addressed.
On the tomcat side, the files are in the Tomcat instance managed by IPA
in /var/lib/pki-ca. The first is
/var/lib/pki-ca/conf/server.xml
It needs the addition:
+ <Connector port="9447" protocol="AJP/1.3" redirectPort="9444" />
You can place it around line 281, above the comment for the line <Engine
name="Catalina" defaultHost="localhost">
Second is: /var/lib/pki-ca/webapps/ca/WEB-INF/web.xml
For each of the filter entries it needs the code addition below:
<init-param>
<param-name>proxy_port</param-name> <param-value>443</param-value>
</init-param>
+ <init-param> + <param-name>proxy_port</param-name> +
<param-value>443</param-value> + </init-param>
<init-param>
<param-name>active</param-name> <param-value>true</param-value>
</init-param>
</filter>
The third change is creating a symlink to /etc/pki-ca/proxy.conf in the
directory /etc/httpd/conf.d
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20110927/a2efae34/attachment.htm>
More information about the Freeipa-users
mailing list