Creating certificates for Dynamic Websites

MontyHu · May 11, 2020, 5:25am

Some of the sites on my server use RewriteRules to provide clean URLs, but this appears to be hindering certbot from creating or renewing certificates. I use the following rewrite rules in an .htaccess file to make the URL changes:

RewriteEngine On
RewriteRule /*\.(css|js|gif|png|jpe?g)$ - [NC,L]
RewriteRule "^(.*)$"    "index.php?_url=$1" [QSA,L]

I don’t really understand these types of scripts very well, so, not sure what I need to change so the above rules are ignored for the .well-known folder that certbot creates. I tried add this line, which I found here, but it didn’t seem to work:

RewriteRule ^\.well-known/ - [L]

If anyone knows how I can fix this, I’d really appreciate your advice, thanks!

My web server is: Apache 2.4.6
The operating system my web server runs on is: CentOS Linux 7.8.2003
I can login to a root shell on my machine: Yes
I’m using a control panel to manage my site: No
The version of my client is: certbot 1.3.0

_az · May 11, 2020, 5:28am

That line should work. Did you put it above the other two lines?

Anyway, .htaccess rules don’t affect the Certbot Apache plugin, only the Certbot webroot plugin.

How are you issuing the certificates?

MontyHu · May 11, 2020, 5:42am

Oh, that’s what I did wrong, I put the line I added to .htaccess in the wrong place. Once I put it above the last two lines as you suggested, it worked:

RewriteEngine On
RewriteRule ^\.well-known/ - [L]
RewriteRule /*\.(css|js|gif|png|jpe?g)$ - [NC,L]
RewriteRule "^(.*)$"    "index.php?_url=$1" [QSA,L]

Thanks!

P.S. I’m issuing the certificates with certonly --webroot.

system · June 10, 2020, 5:42am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.