acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0

How to verify domain on proxy #910

Open schwindelbub opened 7 years ago

schwindelbub commented 7 years ago

Hi, IMHO your doc isn't concrete enough. I have the following infrastructure:

I tried the standalone method:

acme.sh --issue -d example.com --standalone --httpport 88
[Mi 28. Jun 22:54:04 CEST 2017] Standalone mode.
[Mi 28. Jun 22:54:04 CEST 2017] Single domain='example.com'
[Mi 28. Jun 22:54:04 CEST 2017] Getting domain auth token for each domain
[Mi 28. Jun 22:54:04 CEST 2017] Getting webroot for domain='example.com'
[Mi 28. Jun 22:54:04 CEST 2017] Getting new-authz for domain='example.com'
[Mi 28. Jun 22:54:05 CEST 2017] The new-authz request is ok.
[Mi 28. Jun 22:54:05 CEST 2017] Verifying:example.com
[Mi 28. Jun 22:54:05 CEST 2017] Standalone mode server
[Mi 28. Jun 22:54:09 CEST 2017] example.com:Verify error:Invalid response from http://example.com/.well-known/acme-challenge/uuCUdd5icYHkXqsbg2lCgevN3Ak0HL4Lui9dTIvRC5o:
GET / HTTP/1.1
User-Agent: acme.sh/2.7.3 (https://github.com/Neilpang/acme.sh)
Host: localhost:88
Accept: /

It is correct that there is no valid response, because 'http://example.com/.well-known(...)' does not exist. Maybe 'http://example.com:88/.well-known(...)' does.

What could be the problem? Any hints?

acme.sh --version
https://github.com/Neilpang/acme.sh
v2.7.3

Best regards,
schwindelbub

Neilpang commented 7 years ago

You can try Apache mode.

schwindelbub commented 7 years ago

Thanks, but that's a workaround and not possible in my environment. Why is there a connection on port 80 instead of 88?

schwindelbub commented 7 years ago

My workaround, FYI: I mapped (apache alias) another directory (/var/www/well-known/example.com/.well-known) under http://example.com/.well-known and use this directory as docroot (-w) for acme.sh.
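The alias workaround from the last comment, written out as an added example (not configuration posted in the thread or shipped by acme.sh). The vhost layout and the commented ProxyPass line are assumptions, and the alias is narrowed from `/.well-known` to the `acme-challenge` subdirectory so nothing else under that path is exposed.

```apache
# Added example, not from the issue thread. Paths follow the last comment;
# the vhost layout is an assumption.
<VirtualHost *:80>
    ServerName example.com

    # Assumption: if this vhost reverse-proxies to a backend, exempt the
    # challenge path before any other ProxyPass rule so that it is served
    # locally instead of being forwarded.
    # ProxyPass /.well-known/acme-challenge/ !

    # Serve challenge files from a directory outside the site's docroot.
    Alias /.well-known/acme-challenge/ /var/www/well-known/example.com/.well-known/acme-challenge/

    <Directory "/var/www/well-known/example.com/.well-known/acme-challenge">
        # Static token files only: no listings, no .htaccess overrides,
        # and every file is returned as plain text.
        Options None
        AllowOverride None
        ForceType text/plain
        Require all granted
    </Directory>
</VirtualHost>

# Issue with the parent of .well-known as the webroot; acme.sh writes the
# token files to <webroot>/.well-known/acme-challenge/ :
#   acme.sh --issue -d example.com -w /var/www/well-known/example.com
```

The account that runs acme.sh needs write access to the aliased directory, while the web server only needs to read it.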