My server redirects port 80 to 443, and certbot bails when using --manual

Hello.
I’m trying to issue a cert for a server which has a config for port 80 that redirects all to port 443.
Even though I have the challenge file in place and ready, Certbot says it can’t connect to “http://…”. It appears that the initial redirect throws certbot off and it exits.
I can access the challenge file from the full URL, so I know it’s not a problem of GETTING to the challenge file.
I can’t add a port 80-only server, and can’t remove the redirect.
I also don’t want to install certbot on this particular server as it forces an install of lots of system packages I don’t want on this server.
So what should I do to get the cert issued?
Deb8 running Apache 2.4.17

Let’s Encrypt follows redirects (HTTP 301 and 302) when performing HTTP-01 challenges, both to other domains and from http:// to https://. The problem is probably somewhere else.

Can you run the client with -vvvvv and provide the full output and log files from /var/log/letsencrypt?

Sure. Thanks.
pastebin.com/GgAywDZC

The redirect leads to a non-existing domain (check the value of the Location header in the output below). I guess there’s a missing / somewhere in your RewriteRule.

$ curl -i http://secure.wwiionline.com/.well-known/acme-challenge/Ysn-yMOlMjHiZoiRPDbCZNiQERQcYkrOuKfA4p18Vqw
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Jun 2016 16:45:18 GMT
Server: Apache/2.4.17 (Debian)
Location: https://secure.wwiionline.com.well-known/acme-challenge/Ysn-yMOlMjHiZoiRPDbCZNiQERQcYkrOuKfA4p18Vqw
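The check made by eye in the reply above can be automated before requesting a certificate. This is an added example, not part of the original thread: it parses the response headers quoted in the post and flags a redirect whose host name has swallowed the start of the challenge path. The function names and the "fixed" response are constructed for illustration.

```python
from urllib.parse import urlsplit

# Request and response headers as quoted in the post above.
REQUEST_URL = ("http://secure.wwiionline.com/.well-known/acme-challenge/"
               "Ysn-yMOlMjHiZoiRPDbCZNiQERQcYkrOuKfA4p18Vqw")
BROKEN_RESPONSE = (
    "HTTP/1.1 301 Moved Permanently\r\n"
    "Date: Mon, 06 Jun 2016 16:45:18 GMT\r\n"
    "Server: Apache/2.4.17 (Debian)\r\n"
    "Location: https://secure.wwiionline.com.well-known/acme-challenge/"
    "Ysn-yMOlMjHiZoiRPDbCZNiQERQcYkrOuKfA4p18Vqw\r\n\r\n"
)
# Constructed: the same response with the "/" restored in the redirect target.
FIXED_RESPONSE = BROKEN_RESPONSE.replace(".com.well-known", ".com/.well-known")


def parse_redirect(raw):
    """Return (status code, Location value or None) from raw response headers."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers.get("location")


def check_redirect(request_url, raw):
    """List problems with a redirect returned for an HTTP-01 challenge URL."""
    status, location = parse_redirect(raw)
    if not 300 <= status < 400:
        return []
    if not location:
        return ["redirect status without a Location header"]
    req, loc = urlsplit(request_url), urlsplit(location)
    req_host = (req.hostname or "").lower()
    loc_host = (loc.hostname or "").lower()
    # With the "/" missing, the first path segment ends up appended to the host.
    glued = loc_host[len(req_host):] + loc.path
    if (loc_host != req_host and loc_host.startswith(req_host)
            and glued.lower() == req.path.lstrip("/").lower()):
        return ["request path glued onto host name %r: missing '/'" % loc_host]
    if loc.path != req.path:
        return ["challenge path changed from %r to %r" % (req.path, loc.path)]
    return []

if __name__ == "__main__":
    for label, raw in (("broken", BROKEN_RESPONSE), ("fixed", FIXED_RESPONSE)):
        print(label, check_redirect(REQUEST_URL, raw) or "ok")
```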

Excellent. Thanks for your help. That was the issue and once fixed, the challenge worked.
