On 03/21/2017 02:26 PM, Rob Crittenden wrote:
Um, this _might_ work. Each httpd worker will have an fd open to the NSS
database files so you'd want to do this rather carefully.
I'm no expert on this stuff, but my understanding is that any file
descriptors will continue to point to the older
Ian Pilcher wrote:
> On 03/20/2017 11:02 AM, Rob Crittenden wrote:
>> I think his concern may be around warnings that the NSS BDB databases
>> should only be updated when quiet. In the case of mod_nss it explicitly
>> opens the database read-only so I think you'd be safe updating the
>>
On 03/20/2017 11:02 AM, Rob Crittenden wrote:
I think his concern may be around warnings that the NSS BDB databases
should only be updated when quiet. In the case of mod_nss it explicitly
opens the database read-only so I think you'd be safe updating the
certificate.
You are correct about my
Martin Basti wrote:
>
>
> On 20.03.2017 16:12, Ian Pilcher wrote:
>> On 03/20/2017 04:00 AM, David Kupka wrote:
>>> Generally I would not recommend touching this on production system.
>>> Why do you want to change the database format?
>>
>> My FreeIPA server also acts as a reverse proxy/TLS
On 20.03.2017 16:12, Ian Pilcher wrote:
> On 03/20/2017 04:00 AM, David Kupka wrote:
>> Generally I would not recommend touching this on production system.
>> Why do you want to change the database format?
>
> My FreeIPA server also acts as a reverse proxy/TLS endpoint for my
> home sprinkler
On 03/20/2017 04:00 AM, David Kupka wrote:
Generally I would not recommend touching this on production system.
Why do you want to change the database format?
My FreeIPA server also acts as a reverse proxy/TLS endpoint for my
home sprinkler system (https://opensprinkler.com/), allowing me to
On Sat, Mar 18, 2017 at 11:58:35AM -0500, Ian Pilcher wrote:
> Can IPA 4.4 (on CentOS 7) use a SQLite format NSS database in
> /etc/httpd/alias?
>
> I would presumably have to prepend "sql:" to the NSSCertificateDatabase
> setting in nss.conf.
>
> Anything else?
>
> --
>
Can IPA 4.4 (on CentOS 7) use a SQLite format NSS database in
/etc/httpd/alias?
I would presumably have to prepend "sql:" to the NSSCertificateDatabase
setting in nss.conf.
Anything else?
--
Ian Pilcher
