We again need to prevent mod_ssl from being installed since we proxy for
dogtag now. mod_proxy provides a single API for doing SSL proxying and
if mod_ssl is merely loaded in Apache it grabs the interface for doing
this from mod_nss.
rob
>From 75f5a293674d1e423f0fc499e055d1ed076ae2a0 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcrit...@redhat.com>
Date: Fri, 20 Jan 2012 11:06:28 -0500
Subject: [PATCH] Add Conflicts on mod_ssl because it interferes with
mod_proxy and dogtag
We had this in v1 but removed it with v2 because we no longer used
TurboGears for the UI. Because we are now proxying requests to dogtag
we need to re-add this so that mod_ssl doesn't interfere with our
communication.
mod_ssl always blindly registers itself as the SSL provider for mod_proxy.
mod_nss will only register itself if mod_ssl hasn't already done so.
https://fedorahosted.org/freeipa/ticket/2177
---
freeipa.spec.in | 9 ++++++++-
1 files changed, 8 insertions(+), 1 deletions(-)
diff --git a/freeipa.spec.in b/freeipa.spec.in
index b96af42..9704f2a 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -154,6 +154,10 @@ Requires(postun): python initscripts chkconfig
Conflicts: bind-dyndb-ldap < 1.0.0-0.1.b1
Conflicts: bind < 9.8.1-1
+# mod_proxy provides a single API to communicate over SSL. If mod_ssl
+# is even loaded into Apache then it grabs this interface.
+Conflicts: mod_ssl
+
Obsoletes: ipa-server >= 1.0
%description server
@@ -614,7 +618,10 @@ fi
%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/default.conf
%changelog
-* Wed Jan 11 2012 Simo Sorce <s...@redhat.com? - 2.2.0-7
+* Fri Jan 20 2012 Simo Sorce <s...@redhat.com> - 2.2.0-8 -
+- Add Conflicts on mod_ssl
+
+* Wed Jan 11 2012 Simo Sorce <s...@redhat.com> - 2.2.0-7
- Remove dependency on samba4 libs
* Wed Jan 11 2012 Rob Crittenden <rcrit...@redhat.com> - 2.2.0-6
--
1.7.6
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
