Currently, if a service behind a reverse proxy site needs to obtain a SSL certificate using let's encrypt, the /.well-known/acme-challenge/ routes are always captured by nginx and the request of the service fails.
The change forwards all /.well-known/ requests to the reverse proxy service except those, that are served by the file system directly.
This way a service can obtain it's own certificate (needed for services like owncloud, mailcow etc) or expose other /.well-known routes like webfinger or autodiscovery protocols.
cloudpanel-io
commented
8 months ago
Currently, if a service behind a reverse proxy site needs to obtain a SSL certificate using let's encrypt, the
/.well-known/acme-challenge/routes are always captured by nginx and the request of the service fails.The change forwards all
/.well-known/requests to the reverse proxy service except those, that are served by the file system directly.This way a service can obtain it's own certificate (needed for services like owncloud, mailcow etc) or expose other
/.well-knownroutes like webfinger or autodiscovery protocols.