This is a follow up to Bug 976308. FreeIPA public CRL file is no longer accessible to httpd due to SELinux AVC and thus it's users cannot download the certificate revocation list.
More info in RHEL Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1105212
Fedora Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1115418
This is fixed with selinux-policy-3.12.1-176.fc20.
master:
Metadata Update from @mkosek: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.0 GA
Login to comment on this ticket.