Andrew Meyer via FreeIPA-users wrote:
I have emailed in previously fro issues w/ Amazon Linux 2 as a replica server but I am wondering If I can use Amazon Linux 2 as a client machine to FreeIPA. Will I run into the same issues with SSL (NSS vs OpenSSL) that I did with the replica?
Hard to say without knowing what their packaging looks like.
That said the client is mostly a tool to help ensure the environment is sane and if so writes a bunch of configuration files. SSSD does all the heavy lifting post-install. So there is perhaps some more room for differences.
I'll note that the client uses curl as well via xmlrpc-c during enrollment and using certmonger assuming you get a cert on this host.
rob