URL: https://github.com/freeipa/freeipa/pull/874 Author: felipevolpone Title: #874: Changing cert-find to go through the proxy instead of using the port 8080 Action: opened
PR body: """ The cert-find command now uses the proxy to reach Dogtag, instead of using the port 8080. In order to accomplish that, it's necessary to change the proxy configuration adding the service URL. Ticket: https://pagure.io/freeipa/issue/6966 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/874/head:pr874 git checkout pr874
From 4072343accc93fd545391fe74bd969af0e88e10d Mon Sep 17 00:00:00 2001 From: Felipe Volpone <felipevolp...@gmail.com> Date: Wed, 14 Jun 2017 17:52:18 -0300 Subject: [PATCH] Changing cert-find to go through the proxy instead of using the port 8080 The cert-find command now uses the proxy to reach Dogtag, instead of using the port 8080. In order to accomplish that, it's necessary to change the proxy configuration including the URL called. https://pagure.io/freeipa/issue/6966 --- install/conf/ipa-pki-proxy.conf | 2 +- ipaserver/plugins/dogtag.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/install/conf/ipa-pki-proxy.conf b/install/conf/ipa-pki-proxy.conf index b48a3020d2..8a8eaa7f3f 100644 --- a/install/conf/ipa-pki-proxy.conf +++ b/install/conf/ipa-pki-proxy.conf @@ -27,7 +27,7 @@ ProxyRequests Off </LocationMatch> # matches for CA REST API -<LocationMatch "^/ca/rest/account/login|^/ca/rest/account/logout|^/ca/rest/installer/installToken|^/ca/rest/securityDomain/domainInfo|^/ca/rest/securityDomain/installToken|^/ca/rest/profiles|^/ca/rest/authorities|^/ca/rest/certrequests|^/ca/rest/admin/kraconnector/remove"> +<LocationMatch "^/ca/rest/account/login|^/ca/rest/account/logout|^/ca/rest/installer/installToken|^/ca/rest/securityDomain/domainInfo|^/ca/rest/securityDomain/installToken|^/ca/rest/profiles|^/ca/rest/authorities|^/ca/rest/certrequests|^/ca/rest/admin/kraconnector/remove|^/ca/rest/certs/search"> NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate NSSVerifyClient optional ProxyPassMatch ajp://localhost:$DOGTAG_PORT diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py index bddaab58a5..0e68de6219 100644 --- a/ipaserver/plugins/dogtag.py +++ b/ipaserver/plugins/dogtag.py @@ -1903,7 +1903,7 @@ def convert_time(value): self.debug('%s.find(): request: %s', type(self).__name__, payload) url = 'http://%s/ca/rest/certs/search?size=%d' % ( - ipautil.format_netloc(self.ca_host, 8080), + ipautil.format_netloc(self.ca_host, 80), options.get('sizelimit', 0x7fffffff)) opener = urllib.request.build_opener()
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org