To convert an older build where the PKI system wasn't proxied:

awk '{print $0} /Define an AJP 1.3 Connector on port/ {print "<Connector port=\"9447\" protocol=\"AJP/1.3\" redirectPort=\"9444\" />}" }' /etc/pki-ca/server.xml > ; mv /etc/pki-ca/server.xml

sed -e "s/\[PKI_MACHINE_NAME\]/$HOSTNAME/g" -e "s/\[PKI_AJP_PORT\]/9444/g" /usr/share/pki/ca/conf/proxy.conf > /etc/pki-ca/proxy.conf

I've used the default ports here.  Adjest is you've altered yours.

IPA copies the proxy.conf file into /etc/httpd/conf.d and renames it. You can do the same thing by hand.

I'm not sure if this should go into PKI or IPA.

Freeipa-devel mailing list

Reply via email to