Re: [Freeipa-devel] Upgrading a machine to use the proxy.
OK, here's something closer to releasable and written in Perl. This script will upgrade the proxy ports to 9444 by default, or allow you to override by setting the first parameter. enable_proxy_dogtag.pl Description: Perl program ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] Upgrading a machine to use the proxy.
On 09/14/2011 04:46 PM, Rob Crittenden wrote: > Adam Young wrote: >> To convert an older build where the PKI system wasn't proxied: >> >> >> awk '{print $0} /Define an AJP 1.3 Connector on port/ {print "> port=\"9447\" protocol=\"AJP/1.3\" redirectPort=\"9444\" />}" }' >> /etc/pki-ca/server.xml > server.xml.new ; mv server.xml.new >> /etc/pki-ca/server.xml >> >> sed -e "s/\[PKI_MACHINE_NAME\]/$HOSTNAME/g" -e >> "s/\[PKI_AJP_PORT\]/9444/g" /usr/share/pki/ca/conf/proxy.conf > >> /etc/pki-ca/proxy.conf >> >> >> I've used the default ports here. Adjest is you've altered yours. >> >> >> IPA copies the proxy.conf file into /etc/httpd/conf.d and renames it. >> You can do the same thing by hand. >> >> >> I'm not sure if this should go into PKI or IPA. > > Since these are dogtag configuration files I think dogtag needs to > handle updating them. > Agree. > rob > > ___ > Freeipa-devel mailing list > Freeipa-devel@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-devel -- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. --- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] Upgrading a machine to use the proxy.
Adam Young wrote: To convert an older build where the PKI system wasn't proxied: awk '{print $0} /Define an AJP 1.3 Connector on port/ {print "}" }' /etc/pki-ca/server.xml > server.xml.new ; mv server.xml.new /etc/pki-ca/server.xml sed -e "s/\[PKI_MACHINE_NAME\]/$HOSTNAME/g" -e "s/\[PKI_AJP_PORT\]/9444/g" /usr/share/pki/ca/conf/proxy.conf > /etc/pki-ca/proxy.conf I've used the default ports here. Adjest is you've altered yours. IPA copies the proxy.conf file into /etc/httpd/conf.d and renames it. You can do the same thing by hand. I'm not sure if this should go into PKI or IPA. Since these are dogtag configuration files I think dogtag needs to handle updating them. rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] Upgrading a machine to use the proxy.
To convert an older build where the PKI system wasn't proxied: awk '{print $0} /Define an AJP 1.3 Connector on port/ {print "/>}" }' /etc/pki-ca/server.xml > server.xml.new ; mv server.xml.new /etc/pki-ca/server.xml sed -e "s/\[PKI_MACHINE_NAME\]/$HOSTNAME/g" -e "s/\[PKI_AJP_PORT\]/9444/g" /usr/share/pki/ca/conf/proxy.conf > /etc/pki-ca/proxy.conf I've used the default ports here. Adjest is you've altered yours. IPA copies the proxy.conf file into /etc/httpd/conf.d and renames it. You can do the same thing by hand. I'm not sure if this should go into PKI or IPA. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel