Harry Kashouli wrote:
Hi all,

I have a freeipa server set up, and would like to access the Web UI
remotely (from outside my home network).

I set up a fresh Fedora 24 server install, and installed freeipa-server.
  - I own a domain, domain.com <http://domain.com>
  - The hostname of my freeipa server is hostname.subdomain.domain.com
<http://hostname.subdomain.domain.com>
  - My home network domain is subdomain.domain.com
<http://subdomain.domain.com>

I set up a CNAME hostname.domain.com <http://hostname.domain.com> and
port forwardings, and I tested this works with nginx on the same
machine; I can successfully see the nginx test page.
I then assumed I could do the same with the freeipa Web UI, but when I
navigate to http://hostname.domain.com:<external_port>, it switches to
https://hostname.subdomain.domain.com:<internal_port>, and with the
following error: "Server not found"

What am I doing wrong?

Look at ipa-rewrite.conf in the IPA Apache config. It does rewriting to the real name of the IPA server when it was installed. You can try tweaking this to allow both names, or to just not do the rewriting.

You may have issues with Kerberos and SSL due to using a different name.

You definitely don't want to use IPA over an unsecure channel.

rob

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to