On 08/19/2011 01:19 PM, Adam Young wrote:
> The complete solution for this patch requires changes in Dogtag that
> Ade Lee is working on right now. In order to test, I have provided a
> couple of files that I have been using:
> 1. Apply patch, build and install IPA rpms, run ipaserver-install as
> per usual.
> 2. Move the dogtag.conf file into /etc/httpd/conf.d directorys
> 3. Run the proxy_dogtag.py script to modify the Dogtag instance to
> accept AJP connections from httpd so httpd can act as a proxy
> 4. Restart IPA
> To test:
> 1. add a host.
> 2. Generate a csr:
> 3. request a certificate for the newly added host.
> 4. Optionally, Revoke the certificate for the host
Please do not forget to test the proxy test when replica does not have
the CA installed and has to forward the request to the one that has.
> Freeipa-devel mailing list
Sr. Engineering Manager IPA project,
Red Hat Inc.
Looking to carve out IT costs?
Freeipa-devel mailing list