On Mon, 2015-09-14 at 08:28 +0200, Martin Kosek wrote: > Hello, Hi, > It is the right way to do it AFAIK, Indeed, no. It's a hack around the lack of SNI support in mod_nss. > however it would only work with FreeIPA 4.0 > or older: > > https://fedorahosted.org/freeipa/ticket/3977 That's right. I don't even know what the workaround would be for older than FreeIPA 4.0. Probably the only choice left there is to run the additional virtual hosts on a port other than 443. But that's an even uglier hack as it's user-facing. > Speaking in RHEL/CentOS versions, this is 7.1 or older. My 7.1 has FreeIPA 4.1. Cheers, b.
Description: This is a digitally signed message part