CODEWITHSUNDEEP
nginxlets-encrypt
Matey Johnson
Matey Johnson

Reputation: 227

.well-known/acme-challenge nginx 404 error

I'm trying to verify a file upload for SSL certificate. The file needs to be .well-known/acme-challenge/file

I have successfully placed the file as above, but while accessing the same file from the web http://weburl.com/.well-known/acme-challenge/file, 404 error is coming up. When I place the same file in .well-known/ the file can be access from the path http://weburl.com/.well-known/file successfully.

My nginx configuration:

server {
        listen 80;

        server_name weburl.com; 
        root /var/www/html;

        location ~ /.well-known {
                allow all;
        }

        location ~ /\.well-known/acme-challenge/ {
            allow all;
            root /var/www/html;
            try_files $uri =404;
            break;
        }
}

Upvotes: 8

Views: 23064

Answers (3)

northtree
northtree

Reputation: 9255

You have to grant permissions for www-data user.

sudo chown -R www-data:www-data .well-known

Upvotes: 2

Nedvajz
Nedvajz

Reputation: 1029

If you have installed the LetsEcnrypt module on Plesk, but for some reason you need to authorize for eg. example.com manually like we do.

Add you authorization code to
/var/www/vhosts/default/htdocs/.well-known/acme-challenge
instead of expected (domain webroot)
/var/www/vhosts/example.com/htdocs/.well-known/acme-challenge

To find so I had to check /var/www/vhosts/system/example.com/conf/httpd.conf

Upvotes: 0

coolaj86
coolaj86

Reputation: 76994

In the first case it looks for /var/www/html/.well-known/file.

In the second case it looks for /var/www/html/file.

What you intend is for it to find /var/www/html/.well-known/acme-challenge/file

This is because you specify root in the location block, which changes where it reads the file from.

So instead of this:

    location ~ /\.well-known/acme-challenge/ {
        allow all;
        root /var/www/html; # <================= Your problem, sir
        try_files $uri =404;
        break;
    }

You should have this:

    location ~ /\.well-known/acme-challenge/ {
        allow all;
        try_files $uri =404;
        break;
    }

Shameless plug: If you're just doing simple virtual hosting and you're familiar with node at all you might like Greenlock.

Upvotes: 2

Related Questions