sue is on dogtag side and not
> always reproducible.
>
> On 18.05.2017 14:44, Callum Guy wrote:
>
> Thanks for that Martin.
>
> The man page for ipa-ca-install suggests i could pass in my replica file
> to create a "CA-less" configuration. Is this what i want or is a CA-full
n Thu, May 18, 2017 at 1:28 PM Martin Bašti <mba...@redhat.com> wrote:
> ipa-ca-install will install on top of FreeIPA CA-less replica, nothing
> else, you really don't want to do it manually.
>
> On 18.05.2017 14:12, Callum Guy wrote:
>
> Thanks Martin, really app
a major time investment.
On Thu, May 18, 2017 at 12:46 PM Martin Bašti <mba...@redhat.com> wrote:
>
> Please note that commits in #6766 will not fix this issue, the issue is on
> dogtag side, please see https://pagure.io/dogtagpki/issue/2646
> Sorry for troubles
>
>
> On 1
n, rooted in
> grief and rage but pointed towards vision and dreams."
>
> - Patrice Cullors, *Black Lives Matter founder*
>
> On 18 May 2017 at 19:53, Callum Guy <callum@x-on.co.uk> wrote:
>
>> Ah, thanks for that Lachlan - its always reassuring to hear tha
; L.
>>
>> --
>> "Mission Statement: To provide hope and inspiration for collective
>> action, to build collective power, to achieve collective transformation,
>> rooted in grief and rage but pointed towards vision and dreams."
>>
>> - Patrice Cullo
in the event of a failure of my master server (I only have these two)
will all my certificates be invalidated and lost or will the replica still
be able to handle these certificates until a time where a new master has
been created?
Thanks,
Callum
On Thu, May 18, 2017 at 9:57 AM Callum Guy <cal
Hi All,
I am currently stuck trying to setup the first replica of our master IPA
server. I have tried a number of different approaches including escalating
from a client and nothing is working for me. I perform a full OS reset each
time I get stuck.
I'm running CentOS 7.2 with the FreeIPA 4.4.0
Managed to get PKI/Tomcat patched for TLS 1.2.
*/etc/pki/pki-tomcat/server.xml*
*...*
* sslVersionRangeStream="tls1_2:tls1_2" *
*sslVersionRangeDatagram="tls1_2:tls1_2" *
*...*
Thanks, resolved.
On Thu, Apr 27, 2017 at 10:01 PM Callum Guy <callum@x-on.co.uk> wrot
t;
209sslRangeCiphers="[TOMCAT_SSL_RANGE_CIPHERS]"
I'll feed back if i work it out.
Thanks,
On Thu, Apr 27, 2017 at 8:22 PM Callum Guy <callum@x-on.co.uk> wrote:
> Thanks so much for the link Rob - i'm on 4.4.0. I'll get back in touch if
> i run into any
Thanks so much for the link Rob - i'm on 4.4.0. I'll get back in touch if i
run into any issues - i find it difficult to locate these help pages so
really do appreciate the advice
On Thu, Apr 27, 2017 at 8:16 PM Rob Crittenden <rcrit...@redhat.com> wrote:
> Callum Guy wrote:
&
Hi All,
I'm currently looking at hardening my FreeIPA server as part of a PCI
assessment.
I am hoping to be able to fix PKI (ports 8443) and SLAPD (LDAPS) to use
only TLS1.2 - both currently support TLS1.0 and unfortunately that is
non-compliant for my environment.
Also i'm very much hoping not
Hi All,
I am looking to find out all the services which FreeIPA has installed and
which must be up and running as part of normal operations. I am clear on
the various systems which have been installed on the master server (we run
no replicas) however I'm not sure what resource I should refer to
lied to the list I keep receiving spam emails, what is happening?
*From:* Stefan Uygur
*Sent:* 05 December 2016 16:40
*To:* 'Callum Guy'; Florence Blanc-Renaud; freeipa-users@redhat.com
*Subject:* RE: [Freeipa-users] Directory Manager Password Change
Glad you solved your issue.
I’ve been the
<suy...@firstderivatives.com>
wrote:
> Glad you solved your issue.
>
>
>
> I’ve been there myself so don’t worry about it at all.
>
>
>
> *From:* Callum Guy [mailto:callum@x-on.co.uk]
> *Sent:* 05 December 2016 16:37
> *To:* Stefan Uygur; Florence
n
>
>
>
>
>
> *From:* freeipa-users-boun...@redhat.com [mailto:
> freeipa-users-boun...@redhat.com] *On Behalf Of *Callum Guy
> *Sent:* 05 December 2016 13:38
> *To:* Florence Blanc-Renaud; freeipa-users@redhat.com
> *Subject:* Re: [Freeipa-users] Directory Manager Password
Hi All,
I have been testing FreeIPA and now plan to migrate to production use -
thanks for creating such a great application!
During the test phase we have been using simple passwords for the admin and
directory manager users however we need these changed before moving into
production. I believe
to explain the situation. I
hope to pay back the favour in due course.
Best Regards,
Callum
On Wed, Nov 30, 2016 at 1:11 PM David Kupka <dku...@redhat.com> wrote:
> On 30/11/16 10:13, David Kupka wrote:
> > On 29/11/16 12:57, Callum Guy wrote:
> >> Hi Alexander,
> >>
&
Bokovoy <aboko...@redhat.com>
wrote:
> On ti, 29 marras 2016, Callum Guy wrote:
> >Hi Petr,
> >
> >Thanks for coming back to me on this.
> >
> >I have only tried using Google Authenticator. The generated QR code
> >successfully scans and codes ar
01:03 PM, Callum Guy wrote:
> > Hi All,
> >
> > I wanted to ask a quick question - perhaps a more experienced user will
> be able
> > to help or point me to the correct documentation.
> >
> > Basically we have implemented password+OTP type authentication whi
Hi All,
I wanted to ask a quick question - perhaps a more experienced user will be
able to help or point me to the correct documentation.
Basically we have implemented password+OTP type authentication which works
great.
When adding a OTP code using the admin login you can choose an algorithm.
20 matches
Mail list logo