On 6.3.2015 14:08, Martin Kosek wrote:
> I'm figuring out how to regenerate the webserver certificates so I can
> use a loadbalancer in front of my ipa servers.

Are you talking about FreeIPA web interface? It is technically possible to use
load-balancer but it will be really hacky. You would have to solve
certificates and also distribute shared keytabs and so on.

I would recommend you to use "something" which issues HTTP redirect to ipa
server 1/2/3/4/5 according to current state instead of using classical load
balancer on the network level. Normal HTTP redirect will not force you to mess
with certs and keytabs.

-- 
Petr^2 Spacek

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to