Hello again Steven. Actually, I was going to do that. However, while I found the invisible “well-known” folder at the top level of my domain, there was no “acme-challenge” subfolder inside of it. Then, mnordhoff informed me that Certbot will automatically create that subfolder – and the response file within it – and then delete both when it is done creating the certificates.
So, can I manually create the “acme-challenge” subfolder and put an html file in it without messing up Certbot? In other words, if Certbot already finds that subfolder created, it won’t go bonkers?
In a regular HTTP-based validation, Let’s Encrypt will always connect to the HTTP version of the site first, then may accept redirects to the HTTPS version (or even other domains).
Upon checking, when a visitor connects to the http version of this link, here’s what is shown:
When I connect to the site via Chrome, everything works fine because my browser honors HSTS.
However, curl and command line tools do not accept those kinds of redirections (normally only HTTP 301 & 302 are accepted).
So here’s the issue … Please check your Apache configuration file, since all traffic that occurs in plain HTTP will be redirected to an HTTPS 404 error page.
P.S. I’ll be offline for 6+ hours in order to get enough sleep. So, see you tomorrow.
I am using Firefox on OS X. As I noted in my last comment above, all four variations of the URL work in Firefox as well, which I assume is what you are also seeing in Chrome.
So are you saying that, unlike Firefox – or Chrome – because the OS X terminal is a command line tool, redirects won’t work when it comes to Certbot?
If that is what you are saying, that confuses me even more, because Certbot has worked fine for a long time now with my current configuration.
Did you see above the actual redirect code that I am using in my httpd.conf file? Here it is again:
Yes, browsers and command line tools might deal with some websites differently.
(In my own words) Websites are executing the code; command line tools are fetching it.
One question: Are you sure the plain text version of the www site is working?
Can you please confirm if there’s a ServerAlias in the redirection virtual host? (Similar to the following line)
ServerAlias www.billkochman.com
If not, please add that line, restart Apache and try again. (The issue might be related to the fact that the plain version of the www site is not associated with an existing port 80 virtual host.)
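
An added illustration, not part of any post in this thread: a small Python model of Apache's name-based virtual host selection on port 80, showing how a hostname with no matching ServerName or ServerAlias lands in the first-listed vhost instead of the redirect vhost. The hostnames, the vhost layout and the "action" labels are constructed; the actual httpd.conf is not shown on the page.

```python
from fnmatch import fnmatchcase


def select_vhost(vhosts, host_header):
    """Return the vhost that name-based matching would pick on one IP:port.

    vhosts: list of dicts in config-file order with "name" (ServerName),
    "aliases" (ServerAlias values, * and ? wildcards allowed) and "action".
    When no name matches, the first vhost listed is used as the default.
    """
    # Drop an optional :port and a trailing dot; hostnames compare case-insensitively.
    host = host_header.rsplit(":", 1)[0].lower().rstrip(".")
    for vh in vhosts:
        if host == vh["name"].lower():
            return vh
        if any(fnmatchcase(host, alias.lower()) for alias in vh["aliases"]):
            return vh
    return vhosts[0]


# Constructed port-80 layout: a default site listed first, then the redirect vhost.
DEFAULT = {"name": "default.invalid", "aliases": [], "action": "serve default site"}
REDIRECT = {"name": "example.com", "aliases": [], "action": "301 to https"}

BEFORE = [DEFAULT, REDIRECT]  # redirect vhost has no ServerAlias
AFTER = [DEFAULT, dict(REDIRECT, aliases=["www.example.com"])]  # alias added


def report(vhosts):
    """Map each hostname a validator might request to the action it receives."""
    hosts = ("example.com", "www.example.com")
    return {h: select_vhost(vhosts, h)["action"] for h in hosts}


if __name__ == "__main__":
    print("before:", report(BEFORE))
    print("after: ", report(AFTER))
```
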