No, the only thing on port 443 on that server is bearclawats.com; prod.bearclaw.io is just being used for server management.
It's been working, and originally when I set it all up I followed steps I found online, and I had a similar config running when it was originally located at a different host.
OK, we need to exclude the challenge requests from being redirected, as not all names will have an HTTPS site to deal with them.
So for that let's replace that section in the config with:
<VirtualHost *:80>
    DocumentRoot /some/unique/path
    <LocationMatch "^/(?!\.well-known)">
        # Send all other requests to HTTPS
        RewriteEngine On
        RewriteCond %{HTTPS} !=on
        RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1
    </LocationMatch>
</VirtualHost>
Note: You must create that unique path with: mkdir /whatever/path/you/chose/
Please don't use that path - make a new one just to handle any /.well-known/acme-challenge/ requests.
[for security reasons]
Can be:
/var/tmp/useless
/tmp/unused
/new/path/for/challenges
The point of this part of the exercise is to have the HTTP vhost config redirect all traffic to HTTPS.
Except the challenge requests, and they will go to wherever the DocumentRoot directs them (but only them).
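An added example (not part of the thread, and not any poster's code): a Python check of which request paths the `<LocationMatch>` pattern in the vhost above sends to HTTPS and which stay on the HTTP DocumentRoot. The sample paths and the tighter `STRICT_PATTERN` are assumptions made for illustration; the lookahead behaves the same in Python's `re` as in Apache's PCRE for these patterns.

```python
import re

# Pattern copied from the <LocationMatch> line in the vhost config above.
PAGE_PATTERN = re.compile(r"^/(?!\.well-known)")

# Assumption (not from the thread): a tighter variant that exempts only
# ACME HTTP-01 challenge paths from the redirect.
STRICT_PATTERN = re.compile(r"^/(?!\.well-known/acme-challenge/)")

# Constructed sample request paths.
SAMPLE_PATHS = [
    "/",
    "/index.html",
    "/.well-known/acme-challenge/test-file-1234",
    "/.well-known/security.txt",
    "/.well-known-old/notes.txt",
    "/app/.well-known/acme-challenge/x",
]


def classify(pattern, path):
    """Return 'redirect' when the LocationMatch block (and so its
    RewriteRule) applies to the path, else 'served-over-http'."""
    return "redirect" if pattern.search(path) else "served-over-http"


def report(pattern):
    """Classify every sample path under one pattern."""
    return {path: classify(pattern, path) for path in SAMPLE_PATHS}


if __name__ == "__main__":
    for name, pattern in (("page", PAGE_PATTERN), ("strict", STRICT_PATTERN)):
        print(f"--- {name}: {pattern.pattern}")
        for path, verdict in report(pattern).items():
            print(f"{verdict:17} {path}")
```

The page's pattern exempts every path that merely begins with `/.well-known`, so anything placed under that prefix in the HTTP DocumentRoot is served in clear text; this is why a dedicated, otherwise empty directory is the safer choice.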
Please show the error - my mind can only remember so much...
Understand that I'm also working on another ticket and handling several server tasks unrelated to this site.
I see that it didn't get redirected (so that's good):
Please place a test file in the expected challenge location.
Which is done with (I hope you understand my syntax):
echo "test file" > {/the/path/you/made}/.well-known/acme-challenge/test-file-1234
Note: You may need to create the two subdirectories.
If so, you can do so with:
mkdir {/the/path/you/made}/.well-known/
mkdir {/the/path/you/made}/.well-known/acme-challenge/
Then we can try accessing that file with: http://prod.bearclaw.io/.well-known/acme-challenge/test-file-1234