summaryrefslogtreecommitdiffstats
path: root/ipa-server/xmlrpc-server/ipa.conf
diff options
context:
space:
mode:
Diffstat (limited to 'ipa-server/xmlrpc-server/ipa.conf')
-rw-r--r--ipa-server/xmlrpc-server/ipa.conf10
1 files changed, 8 insertions, 2 deletions
diff --git a/ipa-server/xmlrpc-server/ipa.conf b/ipa-server/xmlrpc-server/ipa.conf
index 2931b86dd..fbf26b67c 100644
--- a/ipa-server/xmlrpc-server/ipa.conf
+++ b/ipa-server/xmlrpc-server/ipa.conf
@@ -2,12 +2,18 @@
ProxyRequests Off
-# Make all requests use SSL except for Kerberos authentication errors
RewriteEngine on
+# Redirect to the fully-qualified hostname. Not redirecting to secure
+# port so configuration files can be retrieved without requiring SSL.
+RewriteCond %{HTTP_HOST} !^$FQDN$$ [NC]
+RewriteRule ^/(.*) http://$FQDN/$$1 [L,R=301]
+
+# Redirect to the secure port if not displaying an error or retrieving
+# configuration.
RewriteCond %{SERVER_PORT} !^443$$
RewriteCond %{REQUEST_URI} !^/(errors|config)/
-RewriteRule ^/(.*) https://%{SERVER_NAME}/$$1 [L,R,NC]
+RewriteRule ^/(.*) https://$FQDN/$$1 [L,R=301,NC]
<Proxy *>
AuthType Kerberos
generated by cgit (git 2.34.1) at 2024-11-16 10:24:02 +0000