From 6118b73fab1bfbbbaf0ce10ebb48fb3864b90a5e Mon Sep 17 00:00:00 2001
From: Tomas Babej <tbabej@redhat.com>
Date: Thu, 20 Jun 2013 10:55:39 +0200
Subject: Do not redirect ipa/crl to HTTPS

https://fedorahosted.org/freeipa/ticket/3713
---
 install/conf/ipa-rewrite.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/conf/ipa-rewrite.conf b/install/conf/ipa-rewrite.conf
index b22caa1d..552682b0 100644
--- a/install/conf/ipa-rewrite.conf
+++ b/install/conf/ipa-rewrite.conf
@@ -1,4 +1,4 @@
-# VERSION 4 - DO NOT REMOVE THIS LINE
+# VERSION 5 - DO NOT REMOVE THIS LINE
 
 RewriteEngine on
 
@@ -14,7 +14,7 @@ RewriteRule ^/ipa/(.*)      http://$FQDN/ipa/$$1 [L,R=301]
 # Redirect to the secure port if not displaying an error or retrieving
 # configuration.
 RewriteCond %{SERVER_PORT}  !^443$$
-RewriteCond %{REQUEST_URI}  !^/ipa/(errors|config)
+RewriteCond %{REQUEST_URI}  !^/ipa/(errors|config|crl)
 RewriteRule ^/ipa/(.*)      https://$FQDN/ipa/$$1 [L,R=301,NC]
 
 # Rewrite for plugin index, make it like it's a static file
-- 
cgit