Certbot can't access/create the .well-known/acme-challenge folder/file

r3d_f0x · December 17, 2020, 12:06am

I'm not sure how to configure things on the droplet end to use the load balancer.

rg305 · December 17, 2020, 5:31am

I will keep my posts to one question at a time; So here is the first (in bold):

Which folder path exactly? {please show the full path created}
[Your location and the folder path your created are probably NOT matching one another.]

You used:

r3d_f0x · December 17, 2020, 2:27pm

This is the path: ls -a /var/www/wikifamily/.well-known
. ..

This is the settings for the file:

server {
        listen 0.0.0.0:80;
        root /var/www/wikifamily;
        index index.php;

        server_name f0xwikis.rfx.fi
                www.f0xwikis.rfx.fi
                globalwiki.rfx.fi
                www.globalwiki.rfx.fi;

          location ~* \.php$ {
                 fastcgi_pass unix:/run/php/php7.3-fpm.sock;
                 include         fastcgi_params;
                 fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
                 fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;
          }
}

Instead of this

    location ~ /.well-known {
            default_type "text/plain";
            root /var/www/wikifamily;
    }

I'm going to try this

    location ~ /.well-known {
            default_type "text/plain";
            root /var/www/wikifamily/.well-known;
    }

Edit: It doesn't work.

griffin · December 17, 2020, 6:38pm

You don't want to create your own exception if you're using the nginx authenticator. If you want to create your own exception, use the webroot authenticator instead:

--webroot -w /path/to/your/webroot

griffin · December 17, 2020, 6:42pm

rg305 · December 17, 2020, 7:29pm

You need to understand what the location statement does to the URL request.
Please make some test files and folders to see where it actually connects to.

make path: /var/www/wikifamily/.well-known/acme-challenge/
place a test file: /var/www/wikifamily/.well-known/acme-challenge/test1
make path: /var/www/wikifamily/acme-challenge/
place a test file: /var/www/wikifamily/acme-challenge/test2
place a test file: /var/www/wikifamily/acme-challenge/test3
place a test file: /var/www/wikifamily/test4

It first must be accessible before you continue testing with certbot.
And the path must be corrected (if needed) to include the full challenge path.
[once the full path is working, then you can proceed with your certbot testing]

r3d_f0x · December 18, 2020, 6:16pm

I was following the directions but it doesn't work and keeps saying the droplet is down.

griffin · December 18, 2020, 6:21pm

My recommendation to get your droplet functioning as quickly and effectively as possible would be to ask the DigitalOcean community:

system · January 17, 2021, 6:22pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.