URL: https://github.com/freeipa/freeipa/pull/874 Author: felipevolpone Title: #874: Changing cert-find to go through the proxy instead of using the port 8080 Action: synchronized
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/874/head:pr874 git checkout pr874
From 433b4db62d335e955aa99c2f4031bf6162adaa2b Mon Sep 17 00:00:00 2001 From: Felipe Volpone <felipevolp...@gmail.com> Date: Wed, 14 Jun 2017 18:19:41 -0300 Subject: [PATCH] Changing cert-find to go through the proxy instead of using the port 8080 The cert-find command now uses the proxy to reach Dogtag, instead of using the port 8080. In order to accomplish that, it's necessary to change the proxy configuration including the URL called. https://pagure.io/freeipa/issue/6966 --- install/conf/ipa-pki-proxy.conf | 4 ++-- ipaserver/plugins/dogtag.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/install/conf/ipa-pki-proxy.conf b/install/conf/ipa-pki-proxy.conf index b48a3020d2..106ddc4fa7 100644 --- a/install/conf/ipa-pki-proxy.conf +++ b/install/conf/ipa-pki-proxy.conf @@ -1,4 +1,4 @@ -# VERSION 10 - DO NOT REMOVE THIS LINE +# VERSION 11 - DO NOT REMOVE THIS LINE ProxyRequests Off @@ -27,7 +27,7 @@ ProxyRequests Off </LocationMatch> # matches for CA REST API -<LocationMatch "^/ca/rest/account/login|^/ca/rest/account/logout|^/ca/rest/installer/installToken|^/ca/rest/securityDomain/domainInfo|^/ca/rest/securityDomain/installToken|^/ca/rest/profiles|^/ca/rest/authorities|^/ca/rest/certrequests|^/ca/rest/admin/kraconnector/remove"> +<LocationMatch "^/ca/rest/account/login|^/ca/rest/account/logout|^/ca/rest/installer/installToken|^/ca/rest/securityDomain/domainInfo|^/ca/rest/securityDomain/installToken|^/ca/rest/profiles|^/ca/rest/authorities|^/ca/rest/certrequests|^/ca/rest/admin/kraconnector/remove|^/ca/rest/certs/search"> NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate NSSVerifyClient optional ProxyPassMatch ajp://localhost:$DOGTAG_PORT diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py index bddaab58a5..0e68de6219 100644 --- a/ipaserver/plugins/dogtag.py +++ b/ipaserver/plugins/dogtag.py @@ -1903,7 +1903,7 @@ def convert_time(value): self.debug('%s.find(): request: %s', type(self).__name__, payload) url = 'http://%s/ca/rest/certs/search?size=%d' % ( - ipautil.format_netloc(self.ca_host, 8080), + ipautil.format_netloc(self.ca_host, 80), options.get('sizelimit', 0x7fffffff)) opener = urllib.request.build_opener()
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org