certbot / certbot

Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.

Certificate won't renew by HTTP on a site with RewriteEngine Off #9835

Open digininja opened 11 months ago

digininja commented 11 months ago

My operating system is (include version):

cat /etc/issue
Debian GNU/Linux 12 \n \l

I installed Certbot with (snap, OS package manager, pip, certbot-auto, etc):

# snap list
Name     Version    Rev    Tracking       Publisher     Notes
certbot  2.7.4      3462   latest/stable  certbot-eff✓  classic

I ran this command and it produced this output:

Updating a certificate on an Apache site where mod_rewrite was explicitly turned off with:

RewriteEngine Off

I ran:

certbot -d mysite.com

Certbot's behavior differed from what I expected because:

The certificate wouldn't renew. I could see the request coming in for the token but my server always returned a 404.

The problem is that my RewriteEngine command was overriding the one certbot was adding to the file, so the temporary rewrite to the token files wasn't working. I commented out my RewriteEngine Off and tried again and it worked.

compilebunny commented 1 month ago

I second this bug....
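
A pre-renewal check for the condition reported above, as an added example that is not part of the thread or of Certbot's own code: it scans Apache configuration text for a vhost-level `RewriteEngine Off`, the setting the reporter found was overriding the directive certbot adds. The sample config, the `other.example` name and the `find_rewrite_off` helper are constructed for illustration.

```python
import re

# Constructed sample vhost config (not from the issue); paths are placeholders.
SAMPLE_CONF = """\
<VirtualHost *:80>
    ServerName mysite.com
    # rewriting deliberately disabled for this site
    RewriteEngine Off
    <Directory /var/www/mysite>
        RewriteEngine On
    </Directory>
</VirtualHost>

<VirtualHost *:80>
    ServerName other.example
    RewriteEngine on
</VirtualHost>
"""

OPEN = re.compile(r"^<\s*(\w+)([^>]*)>$")
CLOSE = re.compile(r"^</\s*(\w+)\s*>$")

def find_rewrite_off(conf_text):
    """Return (server_name, line_no) per vhost-level 'RewriteEngine Off'.
    Hits are resolved at </VirtualHost>, since ServerName may come later."""
    stack, hits, pending, server_name = [], [], [], None
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if (m := CLOSE.match(line)):
            if stack:
                stack.pop()
            if m.group(1).lower() == "virtualhost":
                hits += [(server_name, n) for n in pending]
                pending, server_name = [], None
            continue
        if (m := OPEN.match(line)):
            stack.append(m.group(1).lower())
            continue
        parts = line.split()
        if stack == ["virtualhost"] and len(parts) > 1:
            if parts[0].lower() == "servername":
                server_name = parts[1]
            elif parts[0].lower() == "rewriteengine" and parts[1].lower() == "off":
                pending.append(no)
    return hits

if __name__ == "__main__":
    print(find_rewrite_off(SAMPLE_CONF))
```

Directives nested inside `<Directory>` or similar sections are deliberately ignored; only the directive sitting directly in the `<VirtualHost>` block is reported.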