Centralize webroot mapping

rg305 · January 22, 2020, 1:41am

Use a single file to consolidate all FQDNs and their corresponding webroot mappings.
Allow certbot to look for such a file, include the content, and update it as needed.
If an FQDN is NOT in the current webroot mapping “list”, then proceed (as usual) as if it wasn’t in the renewal.conf file.
When --webroot is specifically requested, update all stored webroot settings in that one single file.

As unique FQDNs should be served from unique document roots, it stands to reason that such a global webroot combination would NOT create a conflict.
In the event a conflict should arise, certbot should stop and make it clear to the end user that they have a conflict in there config and that they should correct it before continuing.

– open for discussion –

Osiris · January 22, 2020, 6:57am

Perhaps I’m failing to see it, but could you explain why such a single file is better than just putting the webroot map in the renewal configuration file?

rg305 · January 22, 2020, 7:08am

Combining can simplify maintenance.
Creates a single point for modifications.
Conflicting names are easy to spot and correct [this is aimed mainly at Apache].
Help address past (and any future) related bugs in certbot regarding webroot mapping.

system · February 21, 2020, 7:18am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Renew: Place Webroot Path in Config File Help	8	20402	July 13, 2016
Changing --webroot_path configuration before renewal? Server	9	6342	April 14, 2017
Certbot and mixed challenges Client dev	10	76	April 23, 2025
Certbot renewal and webroot folders Help	4	7755	November 3, 2016
Please document the webroot ".well-known" request path Feature Requests	12	3680	February 11, 2023

Centralize webroot mapping

Related topics