Exactly which files are created by the webroot plugin?


The documentation says here that the webroot plugin creates multiple files in the ${webroot-path}/.well-known/acme-challenge directory (for purposes of the “http-01” test).

The webroot plugin works by creating a temporary file for each of your requested domains in ${webroot-path}/.well-known/acme-challenge. Then the Let’s Encrypt validation server makes HTTP requests to validate that the DNS for each requested domain resolves to the server running certbot.

But what exactly are their filenames and extensions ?

I would need to put them in my CDN’s “do not cache” list.

Thank you!


There are no extensions, but the filenames are chosen randomly by the certificate authority each time and are not predictable ahead of time!


You should probably just set your CDN to not cache anything from .well-known/acme-challenge.


Alright, so if I understand correctly, the filenames will always be different for each renewal attempt?


Yes, that’s correct.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.