On Sat, Sep 09, 2017 at 07:43:15PM -0400, Patrick Uiterwijk wrote:
> Thanks.
>
> It looks like I need one more thing to make sure the challenge doesn't
> get redirected to https (acme challenges are always over plain http).
> Can I also get +1s for:
>
> From fd0a29275ad4f37f42f6383e14a298adf1db0978 Mon Sep 17 00:00:00 2001
> From: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
> Date: Sat, 9 Sep 2017 23:42:19 +0000
> Subject: [PATCH] Do not httpd-redirect for acme challenges
>
> Signed-off-by: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
> ---
> roles/httpd/website/templates/website.conf | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/roles/httpd/website/templates/website.conf
> b/roles/httpd/website/templates/website.conf
> index 8eed648..804942a 100644
> --- a/roles/httpd/website/templates/website.conf
> +++ b/roles/httpd/website/templates/website.conf
> @@ -17,6 +17,7 @@
> {% if sslonly %}
> RewriteEngine On
> RewriteCond %{HTTPS} off
> + RewriteCond %{REQUEST_URI} !/.well-known/acme-challenge/.*
> RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [NE]
> {% else %}
> Include "conf.d/{{ name }}/*.conf"
> --
> 1.8.3.1
+1 for me as well.
Pierre
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
