Let’s say I’m creating a Letsencrypt certificate for the first time, so that my .well-known path will not yet be behind HTTPS.
Or worse, let’s say I was a bit too late renewing an existing Letsencrypt certificate, so that my .well-known path will be behind HTTPS with an expired Letsencrypt certificate.
Will this pose any problems when running certbot to create a new certificate? If so, how to get around these problems?
While you can redirect the request to HTTPS, I think the first request always comes as HTTP only.
To add to what @TCM said, the HTTP-01 challenge will accept pretty much any certificate - expired, self-signed, etc. is all fine, so if you’re redirecting to a https:// URL with a certificate like that, that’s fine.
Thanks fellas, this is awesome news!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.