Certificate renewal over HTTPS

Hello, I have a very quick question:

If I'm redirecting all of the traffic to HTTPS from HTTP (Nginx webserver) without allowing any content to be accessed on HTTP connection, is it possible to renew certificate using webroot?

Fragment of my nginx config used for redirecting traffic:

return 301 https://$server_name$request_uri;

P.S
I'm using certbot from debian (9) stable repostiory

Thanks.

Yes, as long as https://$server_name/ has the correct root.

You could also exclude it from the redirect, e.g.:

location / {
    return 301 https://$server_name$request_uri;
}
location /.well-known/acme-challenge/
    root /var/www/whatever;
}
1 Like

The solution is the desired method for handling HTTP:
Force everything to HTTPS, except authentication requests (which can be handled using HTTP).
[It sets the EXAMPLE for how one should handle HTTP]

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.