On 08/19/2011 01:19 PM, Adam Young wrote:
> The complete solution for this patch requires changes in Dogtag that
> Ade Lee is working on right now.  In order to test, I have provided a
> couple of files that I have been using:
>
>
> 1.  Apply patch, build and install IPA rpms, run ipaserver-install as
> per usual.
> 2.  Move the dogtag.conf file into /etc/httpd/conf.d directorys
> 3.  Run the proxy_dogtag.py script   to modify the Dogtag instance to
> accept AJP connections from httpd so httpd can act as a proxy
> 4. Restart IPA
>
>
> To test:
>
> 1. add a host.
> 2.  Generate a csr:  
> http://freeipa.org/page/Certificate_Authority#Request_a_certificate
> 3.  request a certificate for the newly added host.
> 4.  Optionally, Revoke the certificate for the host
>


Please do not forget to test the proxy test when replica does not have
the CA installed and has to forward the request to the one that has.

>
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IPA project,
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to