Requesting cert behind CloudFront on an EC2

I ran this command: certbot certonly --standalone --standalone-supported-challenges http-01 --http-01-port 8088 --staging -d www.example.com

It produced this output: Failed authorization procedure. The client lacks sufficient authorization :: Invalid response

I’ve run it for my two other domains that aren’t behind CloudFront without an issue, and I used to run it behind CloudFront on another server using letsencrypt-auto; however, on the new server it no longer works.

I’ve looked through the logs, and it’s reaching my server and logging a 404. When I request a certificate on my other domains, no 404 is logged.

I’ve also added a behavior for .well-known/* to forward all content of the request to the origin (parent domain). Is there a way to have the challenge work behind CloudFront and do it in an automated way? I could probably set up the response in the directory; however, renewing it would be a pain.
