6๐
Your code would work if you were not using an alias.
Try this:
location ^~ /.well-known {
allow all;
alias /var/www/example.com/.well-known/;
}
or this:
location ^~ /.well-known {
allow all;
auth_basic off;
alias /path/to/.well-known/;
}
When aliasing, the ^ is required.
This is Nginx specific behaviour, to the way they perform matching. There is a detailed write-up here on matching logic and caveats, it is confusing: https://github.com/letsencrypt/acme-spec/issues/221
0๐
I tried but could not figure this out. I believe certbot is not getting the correct location and is probably writing the challenge to some other location. I had a script watching the acme challenge directory and nothing was ever created there. Ended by using the webroot option.
certbot certonly -d example.com -a webroot
It prompts for the webroot location, but only for the 1st time โ not for renewal, which allows for auto-renewal. It may work without the certonly option, but I did not try it. I updated the NGINX config manually with the cert location.
- [Django]-Query multiple models with class-based views
- [Django]-Override Django User Manager to only return active users in queries