Hello
We want to give freeipa web ui access to a corporate team, our security guys insist we hide this behind a reverse proxy, we're putting 2 of our 10 freeipa servers behind the RP address.
In our initial testing we get the kerberos error "Unable to verify your Kerberos credentials" in the browser.
I saw this
which led me to this
The last paragraph mentions "... until the FreeIPA project provides a way to officially access the Web UI using aliases." - is this a thing now?
Otherwise I presume to follow the step mentioned in the very last sentence and to investigate redirection.
Thanks for any pointers.
Regards
Angus