git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [users@httpd] Re: acme-challenge folder exists but 404 contents



On 12/25/2018 9:14 AM, Jonesy wrote:
On Tue, 25 Dec 2018 00:49:41 -0600, Jerry Malcolm wrote:
--------------5C1A8A0DD708D3B6F6BE8489
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit

Update... I finally went back to my Sept conf and vhosts files. With the
old configuration files, acme-challenge folder became available again.
So I was able to get my certs refreshed, and I then restored the current
conf files.  That at least tells me it's something in the conf files.
But I really don't want to make this my official process every three
months when I refresh the certs. I guess I'll start with an A-B
comparison of the conf files.  But the only real significant change I
can remember in the last three months was enabling http 2.0.  Doesn't
seem to me that anything in that area of config would be locking out
folders with certain names (??).  In any case, I can brute-force this
and back out changes one by one.  But if any of you have a hint as to
what could be happening causing one specifically-named folder to be
blocked (or a way to dig deeper into logs to figure it out), it'll save
me a lot of time and effort.

Thanks.

Jerry


On 12/24/2018 11:18 PM, Jerry Malcolm wrote:
I have an apache install that has been up and running for months.  I
use LetEncrypt for certificates.  I went to renew all of my
certificates using an automated script that worked fine 3 months ago
on the last refresh.  It failed on every domain saying the challenge
file was not found.  I put a test.html file in
/.well-known/acme-challenge folder, and tried to access it with a
browser, and it gave me a 404.  After moving the test.html file around
into other folders, it was found correctly in every folder except
acme-challenge.  I even renamed acme-challenge to acme-challenge1 and
acme1challenge, and test.html was found in folders by those names.
Renamed it back to acme-challenge and I'm again getting 404.  I have
about 15 virtual hosts defined.  Exact same situation in every virtual
host  The folder specifically named "acme-challenge" is somehow now
being blocked or hidden by apache.

I'm using WAMP 3.1.3 (Apache 2.4.33).  The only .htaccess file in the
entire wamp tree is in the php folder, and I'm not using php.  I'd say
I haven't made any changes that would cause this problem since the
last time I refreshed certificates.  But I guess I did 'something'.
But I'm clueless.

One thing I did notice.... In the browser, if I look for a
non-existent file in any other folder, I get one 404 line saying the
requested file was not found on the server.  Fine.  But when I look
for that same non-existent file in the /.well-known/acme-challenge
folder, I get that same line.  But I also get another line I haven't
seen before that says:

Additionally, a 404 Not Found error was encountered while trying to
use an ErrorDocument to handle the request.

So not only can't find the file, it can't find a file to tell me it
can't find the file... (???). But this line ONLY appears when trying
to get a file from that one specific directory named 'acme-challenge'.

Help.... certs have expired....

Thanks.

Jerry
Well, just from the data you've shown, your _only_ failing
directory  (.../.well-known/acme-challenge/)  jumps out as the
only example in your testing that has a hyphenated directory name.

Maybe a red herring.....
Jonesy
I had tried /.well-known/acme-challenge1, and it worked.  But even if it was a hyphen, assuming there is no .htaccess file, is there something in the configuration that would say to hide all directories with hyphens?

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx