On 6.3.2015 14:08, Martin Kosek wrote:
> I'm figuring out how to regenerate the webserver certificates so I can
> use a loadbalancer in front of my ipa servers.
Are you talking about FreeIPA web interface? It is technically possible to use
load-balancer but it will be really hacky. You would have to solve
certificates and also distribute shared keytabs and so on.
I would recommend you to use "something" which issues HTTP redirect to ipa
server 1/2/3/4/5 according to current state instead of using classical load
balancer on the network level. Normal HTTP redirect will not force you to mess
with certs and keytabs.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project