Can I change the /.well-known/acme-challenge path?


#1

The Rails app I’m using doesn’t support dots at the base of the root. I’d like to change the location of this path. Is it possible?


#2

No, you cannot.

However, you can serve the challenges from whatever web frontend/reverse proxy you are using (likely something like Nginx or Apache).

Otherwise, you can use an alternative auth method, like dns-01.


#3

@nicoo is correct. The .well-known name was chosen in part because it’s a little “special,” so it’s less likely for web apps to accidentally be configured with arbitrary uploads from untrusted parties there. See https://tools.ietf.org/html/rfc5785.


#4

Can you link me to an example of how to use dns-01 as part of the manual setup? Very much appreciate it.


#5

Which ACME client are you using?
The official Let’s Encrypt client doesn’t support dns-01yet.


#6

Can’t you just link the path to s.th. valuable for the Rails-app?

just my 2 cents

Iodok


#7

Nginx’s server, usually protect to show all files and folder started from dot i.e. /.well-known/ will not work in this case.
By this reason I think it is a good idea change to /well-known/