Hello
We want to give freeipa web ui access to a corporate team, our security guys insist we
hide this behind a reverse proxy, we're putting 2 of our 10 freeipa servers behind the
RP address.
In our initial testing we get the kerberos error "Unable to verify your Kerberos
credentials" in the browser.
I saw this
https://www.redhat.com/archives/freeipa-users/2015-April/msg00597.html
which led me to this
https://ssimo.org/blog/id_019.html
The last paragraph mentions "... until the FreeIPA project provides a way to
officially access the Web UI using aliases." - is this a thing now?
Otherwise I presume to follow the step mentioned in the very last sentence and to
investigate redirection.
Thanks for any pointers.
Regards
Angus