re: certmaster 0.24 patch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks for the reply Adrian.  I believe it's necessary because the listen_addr only seems to apply to the certmaster server.  In my case, the certmaster server has only one interface.

One of the other servers that I wish to control (a minion) has 3 interfaces and multiple names (it has several virtual hosts and such as well). When it requests to be signed by the overlord, it is asking for the overlord to sign as the FQDN rather than the desired alias.  If I set the listen_addr in func/minion.conf and/or certmaster/minion_conf it has no noticeable effect.  If I set "minion_name= myalias" then it works perfectly from my perspective-- when funcd starts it requests to be signed as "myalias" rather than as it's FQDN.

Most of the minions asking to be signed only have one ip address so things work fine for them.  Although one minion didn't have domainname set so it requested as just the host.  To solve that I could either set the domainname -or- set the minion_name in the minion.conf file (using the patch).

Phil

_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list

[Index of Archives]     [Fedora Users]     [Linux Networking]     [Fedora Legacy List]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux