Add redirect.conf, with comments
diff --git a/etc/openwsman.conf b/etc/openwsman.conf
index 8888bd1..1cd2f58 100644
--- a/etc/openwsman.conf
+++ b/etc/openwsman.conf
@@ -4,6 +4,7 @@
#
##################################
[server]
+# port to accept http requests
port = 5985
#
@@ -26,10 +27,18 @@
ipv4 = yes
ipv6 = yes
+# port to accept https requests
#ssl_port = 5986
+
+# the openwsman server certificate file, in .pem format
ssl_cert_file = /etc/openwsman/servercert.pem
+# the openwsman server private key, in .pem format
ssl_key_file = /etc/openwsman/serverkey.pem
+
+# set these to enable digest authentication against a local datbase
#digest_password_file = /etc/openwsman/digest_auth.passwd
+
+# set these to enable basic authentication against a local datbase
#basic_password_file = /etc/openwsman/simple_auth.passwd
min_threads = 4
@@ -101,3 +110,7 @@
# boolean
# omit_schema_optional = 0
+
+# Redirect module, see redirect.conf for details
+#[redirect]
+#include='/etc/openwsman/redirect.conf'
diff --git a/etc/redirect.conf b/etc/redirect.conf
new file mode 100644
index 0000000..baba3e5
--- /dev/null
+++ b/etc/redirect.conf
@@ -0,0 +1,53 @@
+##################################
+#
+# settings for the Redirect plugin
+# (WS-Management forwarding)
+#
+# This module can proxy/forward/redirect requests to another WS-Management server
+# A typical scenario is Dell's "Integrated Dell Remote Access Controller" (iDRAC)
+# which acts as a baseboard management controller (out of band management) but has
+# it's own network configuration.
+#
+# The redirect plugin allows the host to forward WS-Management request to this
+# controller. For the client, in-band (talking to host) and out of band (talking
+# to iDrac) only differs in the resource URI.
+##################################
+
+# server to redirect to
+server='hostname-or-ip'
+# port for server
+port=443
+
+# resource URI prefix, must be different from known prefixes
+resource='http://schemas.dell.com/wbem/wscim/1/cim-schema/2'
+
+# credentials for the remote server
+username='user'
+password='pass'
+authentication_method='basic'
+
+# path for SOAP requests
+url_path='/wsman'
+
+cim_namespace='root/cimv2'
+
+# empty: http, non-empty: https
+#
+# Pass a string naming a file holding one or more certificates to verify the peer with.
+# This makes sense only when used in combination with the noverifypeer=0 option
+# If noverifypeer=1, cacert need not even indicate an accessible file.
+cacert='dummy.pem'
+
+# if certificates need to be verified
+noverifypeer=1
+noverifyhost=1
+
+# File of the private key, in .pem format
+sslkey=
+
+# File of your certificate, in .pem format
+# With NSS or Secure Transport, this can also be the nickname of the certificate you wish
+# to authenticate with as it is named in the security database.
+# If you want to use a file from the current directory, please precede it with "./" prefix,
+# in order to avoid confusion with a nickname.
+cl_cert=
