Thank You for the clarification all.
Sean Hogan
From: Rob Crittenden
To: Sean Hogan/Durham/IBM@IBMUS, Peter Fern
Cc: freeipa-users
Date: 09/01/2016 06:47 AM
Subject:Re: [Freeipa-users] IPA port 80
Sean Hogan wrote:
> Thanks Peter,
>
>
>
On Thu, 2016-09-01 at 09:33 +1000, Peter Fern wrote:
> On 01/09/16 08:35, Simo Sorce wrote:
> > Port 80 is not required, the only thing you'll find there is a redirect
> > to the HTTPS port.
>
> What about CRL/OCSP (and possibly others)? The Apache configs
> explicitly do not redirect to HTTPS ex
r Fern
---08/31/2016 04:01:30 PM---You need to serve CRLs and OCSP via HTTP to
avoid clients failing to verify the cert of the host ser
From: Peter Fern
To: freeipa-users
Date: 08/31/2016 04:01 PM
Subject: Re: [Freeipa-users] IPA port 8
Note: In RHEL 7, 389 port is used for replication instead of 7389 port.
Sean Hogan
From: Peter Fern
To: freeipa-users
Date: 08/31/2016 04:01 PM
Subject: Re: [Freeipa-users] IPA port 80
Sent by:freeipa-users-boun...@redhat.com
You need to serve CRLs and OCSP
On 01/09/16 08:35, Simo Sorce wrote:
> Port 80 is not required, the only thing you'll find there is a redirect
> to the HTTPS port.
What about CRL/OCSP (and possibly others)? The Apache configs
explicitly do not redirect to HTTPS except for the /ipa path for this
reason.
--
Manage your subscrip
unning DNS and NTP from IPA.
Sean Hogan
From: Simo Sorce
To: Sean Hogan/Durham/IBM@IBMUS
Cc: freeipa-users
Date: 08/31/2016 03:36 PM
Subject: Re: [Freeipa-users] IPA port 80
On Wed, 2016-08-31 at 14:22 -0700, Sean Hogan wrote:
>
>
> Hi all,
>
> Bee
You need to serve CRLs and OCSP via HTTP to avoid clients failing to
verify the cert of the host serving the CRL/OCSP when the cert on that
host needs to be verified at itself.
I'm not sure why you'd particularly care though - reading the Apache
configs and you should see that other than a couple
On Wed, 2016-08-31 at 14:22 -0700, Sean Hogan wrote:
>
>
> Hi all,
>
> Been reading a lot about Port 80 for IPA and firewalls but have not found
> a concrete answer. I know the redhat docs indicate port 80 is required
> bidirectional however I need to investigate if it is truly needed.
>
> G
Hi all,
Been reading a lot about Port 80 for IPA and firewalls but have not found
a concrete answer. I know the redhat docs indicate port 80 is required
bidirectional however I need to investigate if it is truly needed.
GUI only responds to 443 so not sure what else would be utilizing port