Protected Domain => renewal

Hi,
i have some domains running on a nginx server.

The domains are protected with the “folder protection” option from my backend. (So you need a username and password auth to access the page)

The question now is HOW is it possible to keep this setting but allow Let´s Encrypt to renew the certificate?

What rule can i add to my config to keep the protection but not for the folder .well-known?

Thank you.

Hi @MrBottle,

Can you share your whole nginx config? It will make answering this question with greater certainty easier.

I believe you can add this to your nginx config to disable basic authentication for the folder that the HTTP-01 challenge responses are placed for verification by Let's Encrypt:

location ^~ /.well-known/acme-challenge/ {
    auth_basic off;
}

I'm not an nginx configuration expert so please take my suggestion only as a starting point. Make sure to check your configuration for syntax errors after making the change by running nginx -t -c <your config file>.

Hope that helps!

Another option might be to switch to using certbot’s --nginx plugin, which uses TLS-SNI-01 and doesn’t require access to the .well-known folder at all.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.