Certificate renewal nginx redirect

Hello.
I am trying to renew the certificate.
There are two domains, dom1 and dom2.
There is a 301 redirect between the domains, from dom1 to dom2.
The certificate to renew is for the domain dom1.
How can I add exceptions to the redirect so that I can renew the certificate on the domain dom1?

server {
    listen 1.1.1.8:80;
    server_name www.dom1;
    rewrite ^(.*) https://dom2$request_uri? permanent;
}

server {
    listen 1.1.1.8:80;
    server_name dom1;
    rewrite ^(.*) https://dom2$uri permanent;
}

server {
    listen 1.1.1.8:443 http2 ssl;
    server_name www.dom1;
    rewrite ^(.*) https://dom2$uri permanent;
    ssl_certificate /usr/local/etc/letsencrypt/live/dom1/fullchain.pem;
    ssl_certificate_key /usr/local/etc/letsencrypt/live/dom1/privkey.pem;
    ssl_trusted_certificate /usr/local/etc/letsencrypt/live/dom1/chain.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
}

server {
    listen 1.1.1.8:443 http2 ssl;
    server_name dom1;
    rewrite ^(.*) https://dom2$request_uri? permanent;
    ssl_certificate /usr/local/etc/letsencrypt/live/dom1/fullchain.pem;
    ssl_certificate_key /usr/local/etc/letsencrypt/live/dom1/privkey.pem;
    ssl_trusted_certificate /usr/local/etc/letsencrypt/live/dom1/chain.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    client_max_body_size 32M;
    root /usr/local/www/dom1/;
    open_file_cache max=250000 inactive=120s;
    open_file_cache_valid 300s;
    open_file_cache_min_uses 1;
    open_file_cache_errors on;

    location /.well-known/ {
        root /usr/local/www/dom1;
    }
}

I tried to make such an exception in the redirect, but it does not work.
rewrite ^(?!/.well-known/(.))(.) https://dom2$uri permanent

You need to use two location blocks.

https://nginx.org/en/docs/http/ngx_http_core_module.html#location


I don't understand. Two location blocks?

Like this:

(Check it; I have not tried the matching.)

server{
  listen 80;
  
  location ~ .well-known {
    root /var/www/html;
  }
  
  location / {
    rewrite ...... ;
  }
}

On the advice of a friend, he did so.
But why do the redirect exceptions not work?

rewrite ^(?!/.well-known/.)(.) https://dom2$request_uri? permanent;

server {
    listen 1.1.1.8:80;
    server_name www.dom1;
    location /.well-known/acme-challenge/ {
        root /usr/local/www/dom1/;
    }
    location / {
        return 301 https://dom2$request_uri;
    }
}
server {
    listen 1.1.1.8:80;
    server_name dom1;
    location /.well-known/acme-challenge/ {
        root /usr/local/www/dom1/;
    }
    location / {
        return 301 https://dom2$request_uri;
    }
}

nginx is complicated.
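
Why the two-location layout works, as an added example that is not part of the original thread: a simplified Python model of nginx's location selection (exact match, longest prefix, `^~`, then regex locations in order) applied to the last config above and to the regex `location` suggested earlier. The location lists, action labels and sample URIs are constructed for illustration; it also shows that the unescaped `.` in `~ .well-known` exempts more paths than intended.

```python
import re

# Constructed models of the location lists discussed in the thread.
# Each entry is (modifier, pattern, action); modifier is "", "=", "^~" or "~".
FINAL_CONFIG = [
    ("", "/.well-known/acme-challenge/", "serve from root"),
    ("", "/", "301 to dom2"),
]
REGEX_SUGGESTION = [
    ("~", ".well-known", "serve from root"),
    ("", "/", "301 to dom2"),
]

def select_location(locations, uri):
    """Return the action nginx would pick for a URI path (simplified model)."""
    best = None  # longest matching prefix location seen so far
    for mod, pat, action in locations:
        if mod == "=" and uri == pat:
            return action                      # exact match ends the search
        if mod in ("", "^~") and uri.startswith(pat):
            if best is None or len(pat) > len(best[1]):
                best = (mod, pat, action)
    if best and best[0] == "^~":
        return best[2]                         # ^~ skips the regex pass
    for mod, pat, action in locations:
        if mod == "~" and re.search(pat, uri):
            return action                      # first matching regex wins
    return best[2] if best else None

def report(locations, uris):
    """Map each sample URI path to the action the model selects."""
    return {u: select_location(locations, u) for u in uris}

if __name__ == "__main__":
    # Constructed sample paths (no query strings: locations match the path only).
    sample = ["/.well-known/acme-challenge/token123", "/", "/blog/post",
              "/files/xwell-known.txt"]
    for name, cfg in (("final", FINAL_CONFIG), ("regex", REGEX_SUGGESTION)):
        for uri, action in report(cfg, sample).items():
            print(f"{name:6} {uri:40} -> {action}")
```

With the prefix locations only the ACME challenge path escapes the redirect; with the regex location, `/files/xwell-known.txt` is also served locally instead of being redirected.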
