hi, I just noticed some stuff was not functioning properly and it's because the crl url is being redirected to https (centos 6.7).
$ curl http://kdc01.unix.domain.tld/ipa/crl/ <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://kdc01.unix.domain.tld/ipa/crl/ ">here</a>.</p> <hr> <address>Apache/2.2.15 (CentOS) Server at kdc01.unix.domain.tld Port 80</address> </body></html> This is ipa-rewrite.conf, it should not be happening, but it does: $ cat ipa-rewrite.conf # VERSION 3 - DO NOT REMOVE THIS LINE RewriteEngine on # By default forward all requests to /ipa. If you don't want IPA # to be the default on your web server comment this line out. RewriteRule ^/$ https://kdc01.unix.iriszorg.nl/ipa/ui [L,NC,R=301] # Redirect to the fully-qualified hostname. Not redirecting to secure # port so configuration files can be retrieved without requiring SSL. RewriteCond %{HTTP_HOST} !^kdc01.unix.iriszorg.nl$ [NC] RewriteRule ^/ipa/(.*) http://kdc01.unix.iriszorg.nl/ipa/$1 [L,R=301] # Redirect to the secure port if not displaying an error or retrieving # configuration. RewriteCond %{SERVER_PORT} !^443$ RewriteCond %{REQUEST_URI} !^/ipa/(errors|config) RewriteRule ^/ipa/(.*) https://kdc01.unix.iriszorg.nl/ipa/$1 [L,R=301,NC] Any ideas on how to fix this? Thanks! -- Groeten, natxo
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project