What exactly has to be served in the http challenge?


#1

If you choose the http challenge type, what are the details of passing the challenge?

I’m looking at the certbot source and I see a test in challenges.py:

http://example.com/.well-known/acme-challenge/

So if I am requesting a cert for the domain example.com, it will try and make a http get request for:

http://example.com/.well-known/acme-challenge/

What does it expect as the response?


#2

Here’s a fairly detailed response I posted to this same question in the past: What’s the file that http-01 challenge requires at challenge?

You might find @schoen’s condensed reply more accessible: What’s the file that http-01 challenge requires at challenge? He writes for humans a lot better than I do!


#3

For what it’s worth, it doesn’t make a request for the exact URI http://example.com/.well-known/acme-challenge/, it makes a request for a file in that directory, like http://example.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. (Let’s Encrypt tells your ACME client what the file name is.)


#4

Thanks.

BTW this might be ironic but your website in your profile binaryparadox.net has a cert error!

Actually, I think that is my companies internal firewall sorry!


#5

:laughing: You had me worried for a second!


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.