How To Verify That LetsEncrypt Autorenewal Will, For Certain, Actually Work
It's a bad experience when a commercial domain's emails get discarded due to a failure to renew the LetsEncrypt certificate. Therefore, being able to ensure that, when the time comes for autorenewal, it will actually, for certain and for sure, actually work is a really big deal.
Simply looking at configuration settings and, from that, inferring that it will work is, shall we say, inadequate.
So, how does one test this critical function?
I had the following in my .htaccess file and the domain didn't renew.
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://domain.com/$1 [R,L]
[Probably it would be better to use RewriteRule ^(.*)$ https://www.domain.com/$1 [R,L] ?]
Apparently letsencrypt was not able to download their file from http://www.domain.com, and when I disabled htaccess I was able to renew manually. I have added the following, BUT I am not sure if this will work, as I am waiting for a domain to renew today, as now it tries renewals after a week:
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/[0-9a-zA-Z_-]+$
Despite so many threads, nothing is clear about how to enable letsencrypt renewal so that it can access the http file on an SSL enabled domain. I still can't find any way to put the .well-known/acme-challenge as an exception. Nobody there to share their experience?
Hi,
The easiest way to do so is to create a "Website Redirect" from within Virtualmin. This will place the redirect code into the servers VirtualHost configuration rather than you having to use a ".htaccess" file.
Navigate over to
Server Configuration > Website Redirects
Once there click
Add a new website redirect
Source URL path: ^/((?!.well-known).*)$
Destination: URL at other website
/https://yourdomain.com/$1
Include sub-paths in redirect: Yes
Best Regards,
Peter Knowles | TPN Solutions
Email: pknowles@tpnsolutions.com | Skype: tpnassist
Dear TPNsolutions, thank you for your guidance. I have used .htaccess directives for each domain and it usually works. I used RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/[0-9a-zA-Z_-]+$ and it does work, but when I try to access a letsencrypt file that's stored as 777 root, it is not accessible via browser. It gives a "Forbidden, you don't have permission to access" 403 error. I am trying to understand what I need to change so that http://domain.com/.well-known/ files are downloadable. I also added the following to httpd conf: allow from all
Hi,
The ".well-known" will intentionally produce a 403 error as it doesn't contain an "index" file within it. The folder is used by the "Acme Protocol" to verify a domain's existence and should NOT be altered in any way. You should just leave the folder and its content "as-is".
Best Regards,
Peter Knowles | TPN Solutions
Email: pknowles@tpnsolutions.com | Skype: tpnassist
Yes right but how does one fix the issue of file not downloading? See here the error on virtualmin when it attempts to renew: By altering httpd or adding code to htaccess it still gives 403 error and is not renewing:
Registering account...
Already registered!
Verifying domain.com...
Wrote file to /home/domuser/public_html/.well-known/acme-challenge/WYRbjUwp-x4GIWK75_w31vfEtRuEdfZxICFkd32mXeM, but couldn't download http://domain.com/.well-known/acme-challenge/WYRbjUwp-x4GIWK75_w31vfEtRu...
Traceback (most recent call last):
  File "/usr/libexec/webmin/webmin/acme_tiny.py", line 235, in
    main(sys.argv[1:])
  File "/usr/libexec/webmin/webmin/acme_tiny.py", line 231, in main
    signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
  File "/usr/libexec/webmin/webmin/acme_tiny.py", line 184, in get_crt
    domain, challenge_status))
I'm seeing a sequence of responses addressing how one gets automatic renewal to work -- not how to test whether it will work when the critical time comes.
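One way to test the step that fails in the log above ("Wrote file to ... but couldn't download"), as an added example that is not part of the thread and is not Virtualmin or acme_tiny code: write a random probe file under the webroot's .well-known/acme-challenge/ directory, fetch it over plain HTTP, and compare the content. The function name `check_http01` and the script name in the usage comment are assumptions made for this sketch.

```python
#!/usr/bin/env python3
"""Pre-flight check for HTTP-01 challenge reachability (added example)."""
import os
import secrets
import sys
import urllib.error
import urllib.request

CHALLENGE_DIR = ".well-known/acme-challenge"


def check_http01(webroot, base_url, timeout=10):
    """Write a random probe under webroot and fetch it over HTTP.

    Returns (ok, detail); ok is True only if the served body matches the file.
    """
    # token_urlsafe uses the same alphabet as real tokens: [0-9a-zA-Z_-]
    token = secrets.token_urlsafe(32)
    body = secrets.token_urlsafe(32)
    directory = os.path.join(webroot, CHALLENGE_DIR)
    os.makedirs(directory, exist_ok=True)
    path = os.path.join(directory, token)
    with open(path, "w") as fh:
        fh.write(body)
    os.chmod(path, 0o644)  # readable by the web server user
    url = f"{base_url.rstrip('/')}/{CHALLENGE_DIR}/{token}"
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            served = resp.read().decode("utf-8", "replace").strip()
            final = resp.geturl()  # differs from url if a redirect was followed
            if served != body:
                return False, f"wrong content from {final} (rewrite or catch-all page?)"
            note = "" if final == url else f" after redirect to {final}"
            return True, f"HTTP {resp.status}{note}"
    except urllib.error.HTTPError as exc:  # e.g. the 403 seen in this thread
        return False, f"HTTP {exc.code} for {url}"
    except (urllib.error.URLError, OSError) as exc:
        return False, f"could not fetch {url}: {exc}"
    finally:
        os.remove(path)  # never leave probe files behind


if __name__ == "__main__":
    # Usage (paths taken from the log above):
    #   preflight.py /home/domuser/public_html http://domain.com
    ok, detail = check_http01(sys.argv[1], sys.argv[2])
    print(("PASS: " if ok else "FAIL: ") + detail)
    sys.exit(0 if ok else 1)
```

Run from cron well before the renewal window, a non-zero exit flags a redirect, rewrite or permission change that would block the challenge file. It exercises only the web server path from the machine it runs on, not the ACME account, DNS as seen by the CA, or the CA itself.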