Product SiteDocumentation Site

16.5. Setting a FreeIPA Server as an Apache Virtual Host

If a standard Apache instance is already running on port 80, then the FreeIPA server can be configured to run on a secondary port, such as port 8089.

NOTE

In this configuration, FreeIPA uses standard HTTP, not a secure connection using SSL.

NOTE

Do not use port 8080. This port is used by the FreeIPA web UI.
  1. Log in as the root user.
  2. Edit the /etc/httpd/conf.d/ipa.conf file so that it is formatted as an Apache virtual host. Add three lines to the beginning of the file to set the new port number for the FreeIPA web service and to create the root <VirtualHost> element.
    Listen 8089
    NameVirtualHost *:8089
    <VirtualHost *:8089>
    
  3. Close the <VirtualHost> element by adding this line to the end of the file:
    </VirtualHost>
  4. Comment out the rewrite rules from the /etc/httpd/conf.d/ipa.conf file:
    ----------------------------------------------------------------------
    # Redirect to the fully-qualified hostname. Not redirecting to secure
    # port so configuration files can be retrieved without requiring SSL.
    RewriteCond %{HTTP_HOST}    !^host.foo.com$ [NC]
    RewriteRule ^/(.*)          http://host.foo.com/$1 [L,R=301]
    
    # Redirect to the secure port if not displaying an error or retrieving
    # configuration.
    RewriteCond %{SERVER_PORT}  !^443$
    RewriteCond %{REQUEST_URI}  !^/(errors|config|favicon.ico)
    RewriteRule ^/(.*)          https://host.foo.com/$1 [L,R=301,NC]
    ---------------------------------------------------------------------
    
  5. Restart the httpd service.
    # service httpd reload