we discussed the options internally and finally decided to host ipa within the
private subnets - our security team wast too comfortable to expose ipa
servers on to the public network.
Sent from my iPhone
> On 14-Nov-2016, at 17:56, Jan Pazdziora <jpazdzi...@redhat.com> wrote:
>> On Mon, Nov 14, 2016 at 08:49:34AM +0100, Martin Basti wrote:
>>> On 13.11.2016 16:33, Deepak Dimri wrote:
>>> I have my IPA servers hosted in the AWS private subnets and i can access
>>> them using AWS elb URL from public internet just fine. The problem is
>>> that when i enter https://<elb>/index.htl (dummy index.html hosted on
>>> IPA) i can access index.html just fine but when i try
>>> https://<elb>/ipa/ui then i am getting redirected to
>>> <https://%3Cipa_private_hostname%3E/ipa/ui> which is resulting to
>>> "This site can't be reached" error.
>>> What should i be doing to access IPA server(s) uri when they running
>>> behind the load balancer or proxy servers?
>> this may help you
> For the AWS case, wouldn't it be easier to just have the IPA server
> use the public hostname from the very beginning? You can always put
> appropriate records to /etc/hosts to shortcut the IPA->IPA traffic to
> never leave the machine.
> Jan Pazdziora
> Senior Principal Software Engineer, Identity Management Engineering, Red Hat
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project