Lcget problem with acme challenge - missing "/" at the end


#1

Hi guys, I am using lcget to manually authenticate with acme,

the problem is error: :warning:letsencrypt.plugins.manual:Self-verify of challenge failed.

it goes all well as you can see in the bottom log, however ive traced why the error occur but i dont know how to fix it.

basically acme is trying to find: miklaszewski.com/.well-known/acme-challenge/02CUfhjnMXxV2Z-QHie_2WJQdF5x16788VDPJe3cxk4 and its gets 403 and 404 error

however if you add “/” at the end like this:
http://www.miklaszewski.com/.well-known/acme-challenge/02CUfhjnMXxV2Z-QHie_2WJQdF5x16788VDPJe3cxk4/
it works fine

i do have .htaccess set to use .well-known/acme-challenge in http mode
but i cant make it work with “/” at the end so acme challange can pass

RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/ [NC] RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

any idea how to fix this problem?

log:
https://bartron.org.uk/index.php/s/VTdzSWPxjIa3ByL


#2

I’m a little confused. ACME should correctly be trying to check the file at miklaszewski.com/.well-known/acme-challenge/02CUfhjnMXxV2Z-QHie_2WJQdF5x16788VDPJe3cxk4 ( without a trailing slash )

so I’m not sure why you want to add a trailing slash on the end. It shouldn’t be there as far as I’m aware.

If I try to go to the correct link of miklaszewski.com/.well-known/acme-challenge/02CUfhjnMXxV2Z-QHie_2WJQdF5x16788VDPJe3cxk4 I get a redirect

$ curl -I http://www.miklaszewski.com/.well-known/acme-challenge/02CUfhjnMXxV2Z-QHie_2WJQdF5x16788VDPJe3cxk4
HTTP/1.1 301 Moved Permanently
Location: http://www.miklaszewski.com/.well-known/acme-challenge/02CUfhjnMXxV2Z-QHie_2WJQdF5x16788VDPJe3cxk4/
Content-Type: text/html; charset=iso-8859-1
Server: - Web acceleration by http://www.unixy.net/varnish
X-Cacheable: YES
Content-Length: 307
Accept-Ranges: bytes
Date: Fri, 27 May 2016 18:30:39 GMT
X-Varnish: 1690420832 1690420498
Via: 1.1 varnish
Connection: keep-alive
age: 0
X-Cache: HIT
X-Cache-Hits: 1

Is it the self verify that’s failing ? or the ACME check ?


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.