Lets Encrypt Apache Renew Fails When Using ProxyPass

Written by James McDonald



IT Tips



0 Comments(s)



July 17, 2017

These Apache Proxy rules will send all traffic to the backend host

ProxyPass / http://10.80.19.5/
ProxyPassReverse / http://10.80.19.5/

Which causes letencrypt to fail when trying to renew the SSL Cert on the Proxy Host because the request for http://yoursslcerthost.example.com/.well-known/ gets incorrectly passed to the backend host

So to make it work you need to tell mod_proxy to ignore that path as follows. Then you certbot-auto renew –no-self-upgrade command will complete successfully

ProxyPass /.well-known/ !
ProxyPass / http://10.80.19.5/
ProxyPassReverse / http://10.80.19.5/

The error you will see when running certbot-auto manually may look like


IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: yoursslcerthost.example.com
Type: unauthorized
Detail: Invalid response from
http://yoursslcerthost.example.com/.well-known/acme-challenge/U2LE5nLJAjd8qivBEJ-MdFdLDMRI2sihEARSPik24O3:

← Prev: Just discovered the Elegant Themes --- Visual Builder Next: Postbooks Updater won't run on Fedora 26 work-a-round →

0 Comments

Submit a Comment Cancel reply

Macbook Pro Mouse Pointer Moves but click stops working

Apr 27, 2024

I keep having an issue that my mouse track pad stops working. I can move the mouse pointer but I can't click. Possible...

Generate custom fixture names in Cakephp 5