On ti, 03 maalis 2020, Justin Haygood via FreeIPA-users wrote:
Figured it out. It's half unsupported use-case and half bug in freeipa's
httpd configuration:
If the httpd instance used by freeipa also hosts other vhosts on the same
IP (and those vhosts have SSL certs), then freeipa can't resolve itself. It
works fine on different IP addresses though.
The fix would be to add a VirtualHost just for freeipa that configures the
SSL certs used by freeipa, versus just modifying the default SSL
configuration
Correct. We do not support this but I run in a similar configuration
myself and effectively have to maintain two mod_ssl configurations. I
ended up using the same cert in both, with a domain wildcard just for
this purpose. But it is pretty much a manual configuration.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
