What exactly has to be served in the http challenge?

If you choose the http challenge type, what are the details of passing the challenge?

I’m looking at the certbot source and I see a test in challenges.py:

http://example.com/.well-known/acme-challenge/

So if I am requesting a cert for the domain example.com, it will try and make a http get request for:

http://example.com/.well-known/acme-challenge/

What does it expect as the response?

Here's a fairly detailed response I posted to this same question in the past: What's the file that http-01 challenge requires at challenge? - #2 by cpu

You might find @schoen's condensed reply more accessible: What's the file that http-01 challenge requires at challenge? - #3 by schoen He writes for humans a lot better than I do!

2 Likes

For what it's worth, it doesn't make a request for the exact URI http://example.com/.well-known/acme-challenge/, it makes a request for a file in that directory, like http://example.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. (Let's Encrypt tells your ACME client what the file name is.)

2 Likes

Thanks.

BTW this might be ironic but your website in your profile binaryparadox.net has a cert error!

Actually, I think that is my companies internal firewall sorry!

1 Like

:laughing: You had me worried for a second!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.