Hi, please review the attached patch.
Make sure the hostname isn't resolved to link local IPv6(feXX:...) during testing, which doesn't work (and isn't supposed to).
-- Tomas Krizek
From d4a7a4e637951fca5331e9dc0622df912e828a26 Mon Sep 17 00:00:00 2001 From: Tomas Krizek <tkri...@redhat.com> Date: Fri, 19 Aug 2016 12:16:54 +0200 Subject: [PATCH] Fix ipa-server-install in pure IPv6 environment Installation in pure IPv6 environment failed because pki-tomcat tried to use IPv4 loopback. Configuring tomcat to use IPv6 loopback instead of IPv4 fixes this issue. https://fedorahosted.org/freeipa/ticket/4291 --- ipaserver/install/cainstance.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 2ec02d6628ebc9e3a9bad141ec636c84eab14cef..c4b8e9ae326fb7ebda9e927cd4d0b5bad9743db4 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -578,6 +578,10 @@ class CAInstance(DogtagInstance): config.set("CA", "pki_external_ca_cert_chain_path", cert_chain_file.name) config.set("CA", "pki_external_step_two", "True") + # PKI IPv6 Configuration + config.add_section("Tomcat") + config.set("Tomcat", "pki_ajp_host", "::1") + # Generate configuration file with open(cfg_file, "wb") as f: config.write(f) -- 2.7.4
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code