----- Oryginalna wiadomość -----
> Od: "Alexander Bokovoy" <aboko...@redhat.com>
> So you have two different certificates in use here and your client
> doesn't know about the other certificate (from your proxy). You need
> either to deliver that certificate to the client by yourself or change
> your proxying technology to something different.
> 
> For example, you can use sniproxy which doesn't require in-the-middle
> certificate. https://github.com/dlundquist/sniproxy

Thanks for that hint. I'll have a look at that.

However I have an Idea:
If I could export ipa's mod_nss cert+key and then use them on my proxy running 
mod_ssl that probably could solve the issue.

Right?

Piotr

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to