Unable to clean up challenge directory /var/www/jei/code/public/.well-known/acme-challenge Failed authorization procedure. www.emerginginvestigators.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.emerginginvestigators.org/.well-known/acme-challenge/38ewrNzHtdWOlxSJkJQu3NoS7bQw1ypT3__sumutj_8: "
My web server is (include version):
Passenger Standalone, Phusion Passenger 5.1.8
The operating system my web server runs on is (include version):
CentOS release 6.9 (Final)
My hosting provider, if applicable, is:
Bluehost
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
cpanel 64.0 (build 36)
The real issue is that I can’t seem to access anything in the .well-known/acme-challenge directory. I have created a test file in /var/www/jei/code/public/.well-known/acme-challenge that is returning a 404 page instead. It seems specific to the acme-challenge directory, because if I create, e.g., /var/www/jei/code/public/.well-known/acme/test.html it works fine and I can view it in my browser. I’m not sure what the issue with the acme-challenge dir is and it’s driving me crazy.
This is a rails app, and it seems like maybe the requests to the acme-challenge directory aren’t being handled by rails, as the 404 page is not the standard rails 404 page. I’m just not sure why that’s happening for this directory though.
That’s really strange! I don’t immediately have any suggestions about why this is happening, unless some other software has already remapped this in anticipation of getting Let’s Encrypt certificates itself.
I had removed it, but it’s there now. It continues to be just the acme-challenge folder that is inaccessible from the internet. Is there a way I might be able to find out if any other software or server has remapped that?
The configuration is done through ERB, but essentially mimics an nginx conf file. This is how it looks – do I need to use a location block somewhere maybe? I’ve seen that come up in my searches before.
    # Passenger Standalone is built on the same technology that powers
    # Passenger for Nginx, so any configuration option supported by Passenger
    # for Nginx can be applied to Passenger Standalone as well.

    http {
        <%= include_passenger_internal_template('http.erb', 4) %>

        default_type application/octet-stream;
        types_hash_max_size 2048;
        server_names_hash_bucket_size 64;
        client_max_body_size 1024m;
        access_log off;
        keepalive_timeout 60;
        underscores_in_headers on;
        gzip on;
        gzip_comp_level 3;
        gzip_min_length 150;
        gzip_proxied any;
        gzip_types text/plain text/css text/json text/javascript
            application/javascript application/x-javascript application/json
            application/rss+xml application/vnd.ms-fontobject application/x-font-ttf
            application/xml font/opentype image/svg+xml text/xml;

        <% if @app_finder.multi_mode? %>
        # Default server entry for mass deployment mode.
        server {
            <%= include_passenger_internal_template('mass_deployment_default_server.erb', 12) %>
        }
        <% end %>

        <% for app in @apps %>
        server {
            <%= include_passenger_internal_template('server.erb', 8, true, binding) %>
            <%= include_passenger_internal_template('rails_asset_pipeline.erb', 8, false) %>
        }
        <% end %>
    }
I’m not sure! If you can’t figure it out, you might want to check about this on another forum with more people with expertise in this technology, or start a new thread specifically mentioning the web server name in the topic.
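On the question above of how to find out whether other software answers for that directory, here is an added example (not code from the thread's participants or from the Passenger project): it compares the layer-identifying response headers of a file under `.well-known/acme/` with one under `.well-known/acme-challenge/`. The `test.html` name under `acme-challenge` and the sample header values are assumptions constructed for illustration.

```python
import sys
import urllib.error
import urllib.request

# Headers that usually name the software that produced a response.
LAYER_HEADERS = ("server", "x-powered-by", "via")

def probe(url, timeout=10):
    """GET url; return (status, headers) even for 4xx/5xx replies."""
    try:
        resp = urllib.request.urlopen(url, timeout=timeout)
    except urllib.error.HTTPError as err:  # error replies still carry headers
        resp = err
    try:
        return resp.code, dict(resp.headers.items())
    finally:
        resp.close()

def layer_id(headers):
    """Reduce a header dict to the layer-identifying fields, case-insensitively."""
    lowered = {k.lower(): v.strip() for k, v in headers.items()}
    return {name: lowered.get(name, "") for name in LAYER_HEADERS}

def diagnose(control, challenge):
    """Compare a reply from .well-known/acme/ with one from .well-known/acme-challenge/."""
    (c_status, c_headers), (a_status, a_headers) = control, challenge
    c_id, a_id = layer_id(c_headers), layer_id(a_headers)
    diffs = {n: (c_id[n], a_id[n]) for n in LAYER_HEADERS if c_id[n] != a_id[n]}
    return {
        "challenge_fails_alone": c_status == 200 and a_status != 200,
        "different_layer": bool(diffs),  # another server answered the challenge path
        "differences": diffs,
    }

# Constructed sample replies (not captured from the site in the thread).
SAMPLE_CONTROL = (200, {"Server": "nginx/1.12.1 + Phusion Passenger 5.1.8",
                        "X-Powered-By": "Phusion Passenger 5.1.8"})
SAMPLE_CHALLENGE = (404, {"Server": "Apache"})

if __name__ == "__main__":
    if len(sys.argv) == 2:  # base URL over plain HTTP, the scheme http-01 uses
        base = sys.argv[1].rstrip("/")
        control = probe(base + "/.well-known/acme/test.html")
        challenge = probe(base + "/.well-known/acme-challenge/test.html")
    else:
        control, challenge = SAMPLE_CONTROL, SAMPLE_CHALLENGE
    print(diagnose(control, challenge))
```

If `different_layer` is true, the 404 was produced by something in front of or beside the application server, so that layer's configuration is the place to look for a rule covering `acme-challenge`.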