4a30e9d Do not configure PKI ajp redirection to use "::1"

2 files Authored by frenaud 7 years ago, Committed by mbabinsk 7 years ago,
    Do not configure PKI ajp redirection to use "::1"
    
    When ipa-server-install configures PKI, it provides a configuration file
    with the parameter pki_ajp_host set to ::1. This parameter is used to configure
    Tomcat redirection in /etc/pki/pki-tomcat/server.xml:
        
            protocol="AJP/1.3"
            redirectPort="8443"
            address="::1" />
    ie all requests to port 8009 are redirected to port 8443 on address ::1.
    
    If the /etc/hosts config file does not define ::1 for localhost, then AJP
    redirection fails and replica install is not able to request a certificate
    for the replica.
    
    Since PKI has been fixed (see PKI ticket 2570) to configure by default the AJP
    redirection with "localhost", FreeIPA does not need any more to override
    this setting.
    The code now depends on pki 10.3.5-11 which provides the fix in the template
    and the upgrade.
    
    https://fedorahosted.org/freeipa/ticket/6575
    
    Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
    
        
file modified
+2 -2