Going to give this a try today.
Thanks so much for taking the time to work this out.


On 8/24/15 2:01 AM, Jan Pazdziora wrote:
On Thu, Aug 20, 2015 at 02:26:43PM +0200, Jan Pazdziora wrote:
On Tue, Aug 18, 2015 at 02:58:50PM -0700, Janelle wrote:
Tried that -- but it gives a blank screen. I will try playing with it some
more.  At least I know we are thinking in the same ballpark
I was able to set this up just fine with
freeipa-server-4.1.4-4.fc22.x86_64. You need to disable the

        # Redirect to the secure port if not displaying an error or retrieving
        # configuration.
        RewriteCond %{SERVER_PORT}  !^443$
        RewriteCond %{REQUEST_URI}  !^/ipa/(errors|config|crl)
        RewriteCond %{REQUEST_URI}  
        RewriteRule ^/ipa/(.*)      https://ipa.example.test/ipa/$1 [L,R=301,NC]

part on the IPA server or you will get infinite redirection loop.

Also you will need to test it through that SSL proxy, not directly
against http://ipa.example.test/, or authentication on the WebUI will
not work -- the session cookie is marked as Secure so the browser will
not store it when it comes via http, plus the UI checks referer to
start with https://.
I've put the notes about the setup I've tried to


Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to