I used Nginx in reverse proxy to Apache but serve directly static files on Nginx side for better performance (root /var/www/example/docroot/; )
I noticed some issues with my webserver configuration when validation keys contains final slash.
Domain: example.com Type: unauthorized Detail: During secondary validation: Invalid response from https://example.com/.well-known/acme-challenge/sH_jbMPHAsMuPqv3spOxJMCi6GU079R6eC5X-vBesZU/
If I retry the same certbot command and the validation key is without final slash, it will work.
So when the key contains final slash, validation failed, I guess it's looking for a non-existing physical directory.
Sometimes, I have a lot of aliases to handle in the same certificate and I have to retry many times the same command to validate all the DNS.
And I already exceeded the tries number rate limits.
So it could be nice to have an option (command argument ?) to avoid final slash in validation key.
What do you think about that ?