I have an apache server with a fairly complex setup and several subdomains. Certbot used to work when getting the certificate with the --apache plugin and when renewing once.
The second renewal now fails. The challenges get a 404 for all domains. So it seems that the rewrite rules for .well-known are not active in my apache.
I started certbot with --debug-challenges and stopped it. The pre and post files are created in /etc/apache2.
Now I don’t know how to continue looking for the problem. I could not find the point where the pre/post files are inserted into the Apache config. Where is this supposed to happen?
Or do you have any suggestions on how to continue analysis?
i considered using the --webroot plugin instead, but because of the considerable number of subdomains with different directories that would be rather difficult to get right.