[Freeipa-users] FreeIPA 4.1.0 server behind apache/mod_proxy
Piotr Baranowski
piotr.baranowski at osec.pl
Wed Jun 17 12:29:19 UTC 2015
----- Oryginalna wiadomość -----
> Od: "Alexander Bokovoy" <abokovoy at redhat.com>
> So you have two different certificates in use here and your client
> doesn't know about the other certificate (from your proxy). You need
> either to deliver that certificate to the client by yourself or change
> your proxying technology to something different.
>
> For example, you can use sniproxy which doesn't require in-the-middle
> certificate. https://github.com/dlundquist/sniproxy
Thanks for that hint. I'll have a look at that.
However I have an Idea:
If I could export ipa's mod_nss cert+key and then use them on my proxy running mod_ssl that probably could solve the issue.
Right?
Piotr
More information about the Freeipa-users
mailing list