i try to provide an CRL with haproxy. CRLs are distributed via HTTP.
So my approach:
frontend my-http acl is_CRL-h path_beg -i /pki use_backend server_CR if is_CRL-h # all others via https: http-request redirect scheme https if ! is_CRL-h backend server_CR mode http server myCA 10.123.4.56:80 nocheck
… But it does not work, the …“redirect if is not CRL” seems to be ignored…