Let's encrypt failed to install


#1

Hello,

I was trying to install Let’s encrypt SSL certificate for one of my domain and it is failed with the following error

=========
1:14:27 PM WARN “mydomain.biz” failed its authorization because of an error: The system queried for a temporary file at “http://mydomain.biz/.well-known/acme-challenge/0kL_LYc8zoI-AhzgtBlG3jt0qqyK2hl-Xj3Qy1Fs1XQ”, but the web server responded with the following error: 404 (Not Found). A DNS or web server misconfiguration may exist.

I could fix this by temporarly moving the .htaccess file present under the document root.

But I think after 90 days the auto-renewal may fail due to this .htaccess, so anybody knows a permanent fix this for this issue.


#2

What is your current .htaccess ? You should be able to modify that to allow correct access to the .well-known/acme-challenge folder.


#3
ErrorDocument 404 http://www.mydomain.biz/index.php?main_page=page_not_found
<IfModule mod_expires.c>
# Enable expirations
ExpiresActive On
# Default directive
ExpiresDefault "access plus 1 month"
# My favicon
ExpiresByType image/x-icon "access plus 1 year"
# Images
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
# CSS
ExpiresByType text/css "access 1 month"
# Javascript
ExpiresByType application/javascript "access plus 1 year"
</IfModule>

# compress text, HTML, JavaScript, CSS, and XML - copied from GTmetrix Gzip page
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript

# remove browser bugs
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent

# IP Canonicalization to forward to domain name.
RewriteCond %{HTTP_HOST} ^xxx\.xxx\.xxx\.xx
RewriteRule (.*) http://www.mydomain.biz/$1 [R=301,L]



##  Redirect non www to www
RewriteCond %{HTTP_HOST} !^www.mydomain.biz$ [NC]
RewriteRule ^(.*)$ http://www.mydomain.biz/$1 [L,R=301]


##Blocks access from libwww-perl you can eliminate botnet attacks.
RewriteCond %{HTTP_USER_AGENT} libwww-perl.*
RewriteRule .* � [F,L]


## BEGIN CEON URI MAPPING REWRITE RULE

RewriteEngine On

# Don't rewrite any URIs ending with a file extension (ending with .[xxxxx])
RewriteCond %{REQUEST_URI} !\.[a-z]{2,5}$ [NC]
# Don't rewrite any URIs for some, popular specific file format extensions,
#   which are not covered by main file extension condition above
RewriteCond %{REQUEST_URI} !\.(mp3|mp4|h264)$ [NC]
# Don't rewrite any URIs for some specific file format extensions,
#   which are not covered by main file extension condition above
#   Uncomment the following line to apply this condition! (Remove the # at the start of the next line)
#RewriteCond %{REQUEST_URI} !\.(3gp|3g2|h261|h263|mj2|mjp2|mp4v|mpg4|m1v|m2v|m4u|f4v|m4v|3dml)$ [NC]
# Don't rewrite admin directory
RewriteCond %{REQUEST_URI} !^/z_admin [NC]
# Don't rewrite editors directory
RewriteCond %{REQUEST_URI} !^/editors/ [NC]
# Don't rewrite pdf directory
RewriteCond %{REQUEST_URI} !^/pdf/ [NC]
# Don't rewrite psd directory
RewriteCond %{REQUEST_URI} !^/psd/ [NC]
# Don't rewrite generator directory
RewriteCond %{REQUEST_URI} !^/generator/ [NC]
# Don't rewrite mailhive directory
RewriteCond %{REQUEST_URI} !^/mailhive/ [NC]
# Don't rewrite cgi-bin directory
RewriteCond %{REQUEST_URI} !^/cgi\-bin/ [NC]
# Handle all other URIs using Zen Cart (its index.php)
RewriteRule .* index.php [QSA,L]

## END CEON URI MAPPING REWRITE RULE

#4

From a quick look at your .htaccess I think the main thing you want to add is a condition to ignore tethe rewrite for the .well-known directory

 RewriteCond %{REQUEST_URI} !^/.well-known/ [NC]
 # Don't rewrite anthing for the .well-known folder. 

#5

Hi Serverco,

Thank you :slight_smile:


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.