On Thu, 2012-03-29 at 20:43 +0200, Natxo Asenjo wrote:
>
> On Thu, Mar 29, 2012 at 8:25 PM, Simo Sorce wrote:
> Your configuration looks right, but I went back and looked at
> your logs
> and I saw a permission denied error.
>
> I would check that the apac
On Thu, Mar 29, 2012 at 8:25 PM, Simo Sorce wrote:
> Your configuration looks right, but I went back and looked at your logs
> and I saw a permission denied error.
>
> I would check that the apache user can access the keytab
> file: /etc/httpd/conf/webserver01_http.keytab
> If you are using RHEL/
On Thu, 2012-03-29 at 08:58 +0200, Natxo Asenjo wrote:
> On Wed, Mar 28, 2012 at 11:36 PM, Simo Sorce wrote:
>
>
> CNAMEs should work just fine with the host's HTTP/A-name@REALM
> key.
> In fact I just tested a virtual host on my ipa server using a
>
On Wed, Mar 28, 2012 at 11:36 PM, Simo Sorce wrote:
>
> CNAMEs should work just fine with the host's HTTP/A-name@REALM key.
> In fact I just tested a virtual host on my ipa server using a cname and
> it worked.
>
great!
> Can you post your (sanitized) mod_auth_kerb configuration ?
> Also what
On Wed, 2012-03-28 at 17:30 -0400, Rob Crittenden wrote:
> Natxo Asenjo wrote:
> > hi,
> >
> > enable a kerberized site with the fqdn is very easy with freeipa but we
> > would like to use virtual hosting and kerberized sites.
> >
> > I have joined a host webserver01.ipa.domain.tld to a ipa realm.
On Wed, 2012-03-28 at 22:49 +0200, Natxo Asenjo wrote:
> hi,
>
> enable a kerberized site with the fqdn is very easy with freeipa but
> we would like to use virtual hosting and kerberized sites.
>
> I have joined a host webserver01.ipa.domain.tld to a ipa realm. I then
> created a spn HTTP/webser
Natxo Asenjo wrote:
hi,
enable a kerberized site with the fqdn is very easy with freeipa but we
would like to use virtual hosting and kerberized sites.
I have joined a host webserver01.ipa.domain.tld to a ipa realm. I then
created a spn HTTP/webserver01.ipa.domain.tld, generated the keytab,
con
hi,
enable a kerberized site with the fqdn is very easy with freeipa but we
would like to use virtual hosting and kerberized sites.
I have joined a host webserver01.ipa.domain.tld to a ipa realm. I then
created a spn HTTP/webserver01.ipa.domain.tld, generated the keytab,
configured the apache web