[Freeipa-users] Certificate error when modifying/deleting a host
Adam Young
ayoung at redhat.com
Wed Sep 28 01:33:11 UTC 2011
After talking with the PKI developer that is fixing this, I found out
that one other file needs to be modified:
/var/lib/pki-ca/conf/CS.cfg
http.port=8080
https.port=8443
On 09/27/2011 07:55 PM, Adam Young wrote:
>
> Siggi,
>
> This is my comment in the ticket:
> https://fedorahosted.org/freeipa/ticket/1889
>
> We are working on a tool in the PKI project that will perform these
> steps in an automated fashion.
>
>
> There are three files that need to be addressed.
>
> On the tomcat side, the files are in the Tomcat instance managed by
> IPA in /var/lib/pki-ca. The first is
>
> /var/lib/pki-ca/conf/server.xml
>
> It needs the addition:
>
> + <Connector port="9447" protocol="AJP/1.3" redirectPort="9444" />
>
> You can place it around line 281, above the comment for the line
> <Engine name="Catalina" defaultHost="localhost">
>
> Second is: /var/lib/pki-ca/webapps/ca/WEB-INF/web.xml
>
> For each of the filter entries it needs the code addition below:
>
> <init-param>
>
> <param-name>proxy_port</param-name>
> <param-value>443</param-value>
>
> </init-param>
>
> + <init-param> + <param-name>proxy_port</param-name> +
> <param-value>443</param-value> + </init-param>
>
> <init-param>
>
> <param-name>active</param-name> <param-value>true</param-value>
>
> </init-param>
>
> </filter>
>
> The third change is creating a symlink to /etc/pki-ca/proxy.conf in
> the directory /etc/httpd/conf.d
>
>
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20110927/d75d6cda/attachment.htm>
More information about the Freeipa-users
mailing list