
LetsEncrypt certs failing HTTP DCV again

Comments

2 comments

  • rbairwell

    You are running no firewall such as CSF/LFD etc? You do seem to have port 80 open to third parties (such as myself) so the only thing I can suspect on that front is some sort of ratelimit or other specific blocks of Let's Encrypt's IP ranges (which they rotate occasionally to prevent allow-listing/devious IP routing issues).

    I did notice going to the full URL, the server redirected me to the https (port 443) - have you got an .htaccess file which is doing automatic HTTPS redirects without having exclusions for .well-known/acme-challenge? It should have an exclusion such as:

        RewriteCond %{HTTPS} !=on
        RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
        RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    Do you see anything in the server's Apache logs for the request from Let's Encrypt?

    0
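One way to check an .htaccess file for the exclusion described in the comment above, as an added example that is not part of the original thread. The function names and the two sample rule sets are constructed for illustration, and the parser is a simplification that ignores `[OR]` flags and quoted arguments containing spaces.

```python
import re

# Path prefix used by HTTP-01 domain control validation requests.
ACME_PREFIX = "/.well-known/acme-challenge/"

# Constructed sample inputs (not taken from the poster's server).
GUARDED = r"""RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
"""
UNGUARDED = r"""RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
"""

def _excludes_acme(conds):
    """True if any condition is a negated REQUEST_URI test matching the ACME path."""
    for test_string, pattern in conds:
        if test_string.upper() != "%{REQUEST_URI}" or not pattern.startswith("!"):
            continue
        try:
            if re.search(pattern[1:], ACME_PREFIX + "token"):
                return True
        except re.error:
            continue  # pattern uses syntax Python's re cannot parse; skip it
    return False

def unguarded_https_redirects(htaccess_text):
    """Return line numbers of RewriteRules that send requests to https://
    without a preceding RewriteCond that exempts the ACME challenge path."""
    findings, conds = [], []
    for lineno, raw in enumerate(htaccess_text.splitlines(), 1):
        parts = raw.strip().split()
        if not parts or parts[0].startswith("#"):
            continue
        directive = parts[0].lower()
        if directive == "rewritecond" and len(parts) >= 3:
            conds.append((parts[1], parts[2]))
        elif directive == "rewriterule" and len(parts) >= 3:
            if parts[2].lower().startswith("https://") and not _excludes_acme(conds):
                findings.append(lineno)
            conds = []  # conditions apply only to the rule that follows them
    return findings

if __name__ == "__main__":
    print("guarded:", unguarded_https_redirects(GUARDED))
    print("unguarded:", unguarded_https_redirects(UNGUARDED))
```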
  • cPRex Jurassic Moderator

    It looks like the issue resolved itself as I see the SSL is now good until May 2025.

    0
