[Freeipa-users] Adding virtual servers to IPA httpd
Ian Pilcher
arequipeno at gmail.com
Tue Aug 25 00:10:23 UTC 2015
On 08/24/2015 01:47 AM, Martin Kosek wrote:
> FreeIPA can play well with other stuff running on the same Apache as long as
> you do not break it's Apache configuration - like mod_nss running on port 443,
> CA proxy or the RPC connection URIs used by "ipa" tool or other tools.
>
> So the answer is - it is possible, but there are dragons lurking on the
> shadows, so please be careful.
So I think that I have this working. I've been able to set up a
"default" named virtual host on port 80 that does the IPA web UI
redirection, along with a separate named virtual host that redirects
to a reverse proxy (SSL endpoint)/static content server on a random
high port.
(This will all be used to secure access to my new OpenSprinkler
controller when it arrives.)
I've posted a sanitized version of the config file at:
http://pastebin.com/aPyG3q4v
I've tested both "redirection" servers on port 80, using both short
hostnames and FQDNs, and I've verified that the correct certificates
and CA chains are being served on ports 443 and 59872.
How can I test the CA proxy and RPC URIs? Is there anything else I
should check before I declare victory and start drinking?
Thanks!
--
========================================================================
Ian Pilcher arequipeno at gmail.com
-------- "I grew up before Mark Zuckerberg invented friendship" --------
========================================================================
More information about the Freeipa-users
mailing list