SSL – How to install FreeIPA server with Apache SSL/TLS virtualhosts already present

apache-2.4 freeipa installation ssl virtualhost

Is it possible to run a FreeIPA server next to a fully configured Apache server with SSL/TLS-configured virtual hosts, and if yes, what do I have to do to not get a conflicting 443 port error during installation?

Background: On a CentOS 7.1 machine I have installed Apache with multiple virtual hosts which support SSL/TLS encryption. Now I want to install a FreeIPA server on this system. But when running the command ipa-server-install I get the following error message:

Apache is already configured with a listener on port 443:
*:443                  is a NameVirtualHost
ipa.ipapython.install.cli.install_tool(Server): ERROR    Aborting installation

Best Answer

The FreeIPA installer is not designed to be run on a machine where Apache already serves something else.

NOTE: Your FreeIPA master server is equal to the heart of your internal infrastructure as it hosts your key components -- passwords are there, as well as key private certificates that can be used to compromise your whole environment if not secured properly. Running third-party apps at the heart of your infrastructure increases the attack surface and simply makes it more vulnerable to external attacks -- you would now need to make sure your third-party apps are secure enough.
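
A pre-flight check for the conflict in the question, as an added example that is not part of the original question or answer and is not FreeIPA's own code: it parses Apache's virtual host dump (the output of `httpd -S`) and lists everything bound to port 443, which is what would have to be moved to another machine before installing. The sample dump, host names, file paths and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: inspect an Apache vhost dump for listeners on port 443.

# Constructed sample dump, modelled on the error shown in the question.
# Host names and config paths are made up.
sample_vhost_dump() {
cat <<'EOF'
VirtualHost configuration:
*:443                  is a NameVirtualHost
         default server www.example.test (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost www.example.test (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost shop.example.test (/etc/httpd/conf.d/shop.conf:1)
*:80                   is a NameVirtualHost
         default server www.example.test (/etc/httpd/conf.d/www.conf:1)
         port 80 namevhost www.example.test (/etc/httpd/conf.d/www.conf:1)
ServerRoot: "/etc/httpd"
EOF
}

# Read a vhost dump on stdin; print "name<TAB>file:line" for each vhost on :443.
# Handles the NameVirtualHost block form and the single-line form
# ("*:443  host (file:line)") that httpd prints for a lone vhost.
list_443_vhosts() {
  awk '
    # Single-line form: "<addr>:443 <name> (<file:line>)"
    $1 ~ /:443$/ && $2 != "is" && NF >= 3 {
      gsub(/[()]/, "", $3); print $2 "\t" $3; next
    }
    # Block form: "port 443 namevhost <name> (<file:line>)"
    $1 == "port" && $2 == "443" && $3 == "namevhost" {
      gsub(/[()]/, "", $5); print $4 "\t" $5
    }
  '
}

# Exit status 0 if nothing in the dump listens on 443, 1 otherwise.
port_443_is_free() {
  if grep -Eq '^[^[:space:]]+:443[[:space:]]'; then
    return 1
  fi
  return 0
}
```

On the real host, feed it the live configuration with `httpd -S 2>&1 | list_443_vhosts`; an empty result means no virtual host is bound to port 443.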
