autoSSL fails because of 301 redirect?
Hello cPanel, can you help me with this, I'd been debugging this for a half day already.
So apparently, autoSSL fails because when checking for validation, the `Cpanel-HTTP-Client/1.0` is getting 301 code on the response, but I just can't fathom why it is getting such output
yesterday:
today:
if I issue `curl -i` to a dummy file inside `/.well-known/acme-challenge` directory, its getting 200 NOT 301 Here is the rule in my `.htaccess` whitelisting the access to hidden directory (in respect with autoSSL)
As you can see, the block for the access to verification directory was set to [L] and not redirected. In case posting my full .htaccess is required to help debug, here it is [removed due to external URL] Am I missing any requirements for autoSSL to work? Hope you guys can help. Regards,
[26/Feb/2018:23:46:52 +1100] "GET /.well-known/acme-challenge/BEKT19DL9JIG9S5GPP50XAL9ZSPAV54J HTTP/1.1" 200 64 "-" "Cpanel-HTTP-Client/1.0"
[26/Feb/2018:23:46:53 +1100] "GET /.well-known/acme-challenge/M2JTRKP9EJA72ODL49X9S76K2VXNVPEX HTTP/1.1" 301 617 "-" "Cpanel-HTTP-Client/1.0"
[26/Feb/2018:23:46:53 +1100] "GET /.well-known/acme-challenge/M2JTRKP9EJA72ODL49X9S76K2VXNVPEX HTTP/1.1" 200 64 "-" "Cpanel-HTTP-Client/1.0"
today:
[27/Feb/2018:12:44:37 +1100] "GET /.well-known/acme-challenge/3JKBTU7K1SWU5C2A-TTMFIUW7AAJ2BIK HTTP/1.1" 200 64 "-" "Cpanel-HTTP-Client/1.0"
[27/Feb/2018:12:44:37 +1100] "GET /.well-known/acme-challenge/3PQLEMVJ__W39X1D-HBLELHP2I5_CRE6 HTTP/1.1" 301 617 "-" "Cpanel-HTTP-Client/1.0"
[27/Feb/2018:12:44:37 +1100] "GET /.well-known/acme-challenge/3PQLEMVJ__W39X1D-HBLELHP2I5_CRE6 HTTP/1.1" 200 64 "-" "Cpanel-HTTP-Client/1.0"if I issue `curl -i` to a dummy file inside `/.well-known/acme-challenge` directory, its getting 200 NOT 301 Here is the rule in my `.htaccess` whitelisting the access to hidden directory (in respect with autoSSL)
# allow autoSSL from cPanel
RewriteCond %{REQUEST_URI} ^\/[A-F0-9]{32}.txt(?:\ Comodo\ DCV)?$ [OR]
RewriteCond %{REQUEST_URI} ^\/[0-9]+\..+\.cpaneldcv$ [OR]
RewriteCond %{REQUEST_URI} /\.well\-known\/acme\-challenge
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule (.*) - [L]
# disable accessing hidden directories, such as ".git", ".config", etc.
RewriteRule "(^|/)\." - [F]
As you can see, the block for the access to verification directory was set to [L] and not redirected. In case posting my full .htaccess is required to help debug, here it is [removed due to external URL] Am I missing any requirements for autoSSL to work? Hope you guys can help. Regards,
-
Are you using CloudFlare? 0 -
Are you using CloudFlare?
Nope, I am not0 -
Hello, Do you have root access to this server? If so, I recommend removing the AutoSSL exclusion rules from the .htaccess file and instead enabling the following option under the "Domains" tab in "WHM >> Tweak Settings": Use a Global DCV Passthrough instead of .htaccess modification (requires EA4) Per it's description: When you enable this option, Apache adds global rewrite rules to the webserver configuration so that the system does not process additional rewrite rules for DCV filenames. These global rules make it unnecessary for cPanel & WHM to modify each virtual host"s .htaccess file. Note: When you enable this option, the system receives a trivial performance penalty because all of the HTTP requests must be matched against the DCV filename regular expressions. Let us know if this helps. Thank you. 0
Please sign in to leave a comment.
Comments
3 comments