Re: FBR: Setup proxying and VPN for certgetter01

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Sep 09, 2017 at 07:43:15PM -0400, Patrick Uiterwijk wrote:
> Thanks.
> 
> It looks like I need one more thing to make sure the challenge doesn't
> get redirected to https (acme challenges are always over plain http).
> Can I also get +1s for:
> 
> From fd0a29275ad4f37f42f6383e14a298adf1db0978 Mon Sep 17 00:00:00 2001
> From: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
> Date: Sat, 9 Sep 2017 23:42:19 +0000
> Subject: [PATCH] Do not httpd-redirect for acme challenges
> 
> Signed-off-by: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
> ---
>  roles/httpd/website/templates/website.conf | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/roles/httpd/website/templates/website.conf
> b/roles/httpd/website/templates/website.conf
> index 8eed648..804942a 100644
> --- a/roles/httpd/website/templates/website.conf
> +++ b/roles/httpd/website/templates/website.conf
> @@ -17,6 +17,7 @@
>  {% if sslonly %}
>    RewriteEngine On
>    RewriteCond %{HTTPS} off
> +  RewriteCond %{REQUEST_URI} !/.well-known/acme-challenge/.*
>    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [NE]
>  {% else %}
>    Include "conf.d/{{ name }}/*.conf"
> -- 
> 1.8.3.1

+1 for me as well.

Pierre

Attachment: signature.asc
Description: PGP signature

_______________________________________________
infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx

[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux