but going back to ipa-rewrite.conf, these 2 seem contradictory:

# Redirect to the fully-qualified hostname. Not redirecting to secure
# port so configuration files can be retrieved without requiring SSL.
RewriteCond %{HTTP_HOST}    !^kdc01.unix.iriszorg.nl$ [NC]
RewriteRule ^/ipa/(.*)      http://kdc01.unix.iriszorg.nl/ipa/$1 [L,R=301]

# Redirect to the secure port if not displaying an error or retrieving
# configuration.
RewriteCond %{SERVER_PORT}  !^443$
RewriteCond %{REQUEST_URI}  !^/ipa/(errors|config)
RewriteRule ^/ipa/(.*)      https://kdc01.unix.iriszorg.nl/ipa/$1
[L,R=301,NC]

so I modified

RewriteCond %{REQUEST_URI}  !^/ipa/(errors|config)

with

RewriteCond %{REQUEST_URI}  !^/ipa/(errors|config|crl)

and now it works.

Is this ok?
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to