Unable to successfully run a --webroot path when there's a space in one of the directory names

My domain is: db.trillionpictures.com

I ran this command: acme.sh --issue -d db.trillionpictures.com --webroot "/Library/FileMaker Server/HTTPServer/htdocs" --keylength ec-256

It produced this output: Can not write token to file : /Library/FileMaker/.well-known/acme-challenge/sm03MSnzDjY9EJ2znUzceN_f_x0ILjqpnY15iKASvMg
(Notice it got tripped up by the space in the directory 'FileMaker Server')

My web server is (include version): apache

The operating system my web server runs on is (include version): MacOS

My hosting provider, if applicable, is: InmotionHosting

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): acme.sh v2.8.8

For whatever reason I'm unable to specify the --webroot. I'm familiar with using escapes (backslash space) or quotes (single or double) in command line calls to handle paths with spaces, but in this particular context -- using acme.sh, none of the usual solutions worked.

If your intention is to notify/update the software maintainer about this issue, then you are on the wrong forum; as acme.sh has never been maintained by LE nor this community.
If you are just looking for a "workaround", then I might have a few.

In case you (or anyone else) are interested in such "Workarounds", here are two general methods:

A. Try "forcing" it to find that path:
  1. link path "/Library/FileMaker" to "/Library/FileMaker Server"
     [then use link path --webroot "/Library/FileMaker/HTTPServer/htdocs"]
  2. Try one more escape/backslash/quotes...
     --webroot "/Library/FileMaker\ Server/HTTPServer/htdocs"

B. Try using another path - challenge folder isn't bound to/by site path location.
  1. Create a dedicated challenge path: /AMCEchallenges/
     a. mkdir /AMCEchallenges/
     b. Update apache vhost config to use the new path for challenges
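        option #1:
          # DocumentRoot is not allowed inside <Location>, so map the challenge URL with Alias
          # (Require all granted assumes Apache 2.4)
          Alias /.well-known/acme-challenge/ /AMCEchallenges/.well-known/acme-challenge/
          <Directory /AMCEchallenges/>
             Require all granted
          </Directory>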
        option #2:
          #this skips challenge requests and sends all other requests to HTTPS
          <LocationMatch "^/(?!\.well-known)">
            RewriteEngine On
            RewriteCond %{HTTPS} !=on
            RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1
          </LocationMatch>
          DocumentRoot /AMCEchallenges/
     c. use: --webroot /AMCEchallenges/
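
Workaround A.1 from the post above, as an added example that is not part of the original thread or of acme.sh: it creates a space-free symlink and proves that a token written through the link lands under the real webroot, which is where the web server keeps serving from. The function names are hypothetical and every path is constructed inside a temporary sandbox; on a real host the link path is what `--webroot` would receive.

```sh
#!/bin/sh
# Added example. All paths below are constructed in a temp sandbox.

# make_alias REAL_DIR LINK: create a space-free symlink to REAL_DIR.
make_alias() {
    ma_real=$1; ma_link=$2
    case $ma_link in
        *" "*) echo "alias must not contain a space: $ma_link" >&2; return 2 ;;
    esac
    [ -d "$ma_real" ] || { echo "not a directory: $ma_real" >&2; return 1; }
    # Never replace a real file or directory, only an earlier symlink.
    if [ -e "$ma_link" ] && [ ! -L "$ma_link" ]; then
        echo "refusing to replace non-symlink: $ma_link" >&2; return 1
    fi
    ln -sfn "$ma_real" "$ma_link" || return 1
    printf '%s\n' "$ma_link"
}

# check_challenge_write ALIAS_WEBROOT REAL_WEBROOT: write a probe token
# through the alias and confirm it appears under the real webroot.
check_challenge_write() {
    cw_dir="$1/.well-known/acme-challenge"
    cw_probe="probe-$$"
    mkdir -p "$cw_dir" || return 1
    printf 'ok' > "$cw_dir/$cw_probe" || return 1
    cw_seen=$(cat "$2/.well-known/acme-challenge/$cw_probe" 2>/dev/null)
    rm -f "$cw_dir/$cw_probe"
    [ "$cw_seen" = "ok" ]
}

demo() {
    sandbox=$(mktemp -d) || return 1
    mkdir -p "$sandbox/FileMaker Server/HTTPServer/htdocs"
    alias_dir=$(make_alias "$sandbox/FileMaker Server" "$sandbox/FileMaker") || return 1
    if check_challenge_write "$alias_dir/HTTPServer/htdocs" \
                             "$sandbox/FileMaker Server/HTTPServer/htdocs"; then
        # On the real host the alias path is what --webroot would receive.
        echo "usable webroot: $alias_dir/HTTPServer/htdocs"
        rc=0
    else
        rc=1
    fi
    rm -rf "$sandbox"
    return $rc
}

demo
```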

I agree with @rg305. Please refer to the acme.sh site to open a bug report there.

Thanks. Will test the link approach. But also wondering: is certbot maintained / supported by LE? Happy to switch if it will ultimately make the install/renewal process more reliable.

In the beginning, it was indeed developed by Let's Encrypt personnel. However, since then it has been transferred over to the good people of the Electronic Frontier Foundation (EFF), one of the Platinum sponsors of Let's Encrypt and one of the Platinum sponsors of ISRG, the company behind Let's Encrypt. Some of the board members of ISRG are from EFF.

Do you recommend one over the other? certbot vs acme.sh?

They both have their merits. Certbot is very complete IMHO, but still has some possibilities for significant improvements. Some might say it's "bloated" due to too many options with too many dependencies. Bonus is it's under very active development by a great development team of a great organisation (EFF).

Acme.sh on the other hand is very small with very few dependencies. Furthermore, it has many, many DNS provider plugins so it's relatively easy to use the DNS challenge with it. On the other hand, as far as I know, it's developed by a single developer. It has also been sold to apilayer, a company which seems to be trying to buy as many of the popular ACME clients as possible. The current 'master' version also has ZeroSSL (a CA of apilayer) as the default ACME API instead of Let's Encrypt. Its documentation is not something I would describe as "easy" or "complete".

/my 2 cents
