1

HTTP Basic Auth interferes with LetsEncrypt SSL creation/renewal

  • Live

Avatar
Derek Pollard

We have HTTP Basic auth setup for our staging sites,

so when letsencrypt tries to renew or create a new SSL cert, it gets the following error:

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems: Domain: example.org Type: unauthorized Detail: Invalid response from /.well-known/acme-challenge/5lYye0tCTKqaxjRVerDEhODMCB9mpdwqXx_YZRsYWNk [165.2xx.xx.x]: "rn401 Authorization Requiredrnrn401 Authorization Requiredrn

we believe this is something Ploi should be able to exclude by default in the sites nginx config:

location ~ /.(?!well-known).* { 
    auth_basic off; 
    deny all; 
}

A

Activity Newest / Oldest

Avatar

Seth Giammanco

Sorry wrong place to post


Avatar

Dennis

This is now solved with newly created servers (as of start of november 2021) automatically!


Avatar

Dennis

Status changed to: Live