Let's Encrypt Apache Renew Fails When Using ProxyPass

Written by James McDonald

July 17, 2017

These Apache Proxy rules will send all traffic to the backend host

ProxyPass /
ProxyPassReverse /

This causes Let's Encrypt to fail when trying to renew the SSL cert on the proxy host, because the request for http://yoursslcerthost.example.com/.well-known/ gets incorrectly passed to the backend host.

So to make it work you need to tell mod_proxy to ignore that path, as follows. Your certbot-auto renew --no-self-upgrade command will then complete successfully.

ProxyPass /.well-known/ !
ProxyPass /
ProxyPassReverse /
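The check below is an added example, not code from the original post: it reads server-level ProxyPass lines and reports whether a request under /.well-known/acme-challenge/ would be served locally or sent to the backend. It goes slightly beyond the post by also flagging an exclusion placed after the catch-all rule, since mod_proxy checks ProxyPass rules in configuration order and the first match wins. The backend URL, the probe token and all function names are constructed for illustration, and the prefix matching is a simplified model of Apache's.

```python
"""Lint server-level ProxyPass rules for the ACME HTTP-01 challenge path."""

# Constructed values for this example; neither appears in the original post.
BACKEND = "http://backend.example.internal/"
PROBE = "/.well-known/acme-challenge/constructed-token"

def proxy_rules(conf_text):
    """Return (line_no, path, target) for each ProxyPass line, in file order."""
    rules = []
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        # Directive names are case-insensitive; ProxyPassReverse is not a match rule.
        if parts[0].lower() == "proxypass" and len(parts) >= 3:
            rules.append((line_no, parts[1], parts[2]))
    return rules

def path_matches(prefix, uri):
    """Simplified prefix match on path-segment boundaries."""
    if prefix.endswith("/"):
        return uri.startswith(prefix)
    return uri == prefix or uri.startswith(prefix + "/")

def acme_route(conf_text, probe=PROBE):
    """First matching rule wins: return (verdict, line_no, target)."""
    for line_no, path, target in proxy_rules(conf_text):
        if path_matches(path, probe):
            verdict = "local" if target == "!" else "proxied"
            return (verdict, line_no, target)
    return ("local", None, None)  # no ProxyPass covers the path

# Constructed sample configurations mirroring the cases discussed in the post.
BROKEN = f"ProxyPass / {BACKEND}\nProxyPassReverse / {BACKEND}\n"
FIXED = "ProxyPass /.well-known/ !\n" + BROKEN
MISORDERED = f"ProxyPass / {BACKEND}\nProxyPass /.well-known/ !\n"

if __name__ == "__main__":
    for name, conf in [("broken", BROKEN), ("fixed", FIXED), ("misordered", MISORDERED)]:
        verdict, line_no, target = acme_route(conf)
        print(f"{name}: challenge path is {verdict} (rule on line {line_no}: {target})")
```

A "proxied" verdict means the renewal challenge would reach the backend instead of the proxy host, which is the failure described above.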

The error you will see when running certbot-auto manually may look like

- The following errors were reported by the server:

Domain: yoursslcerthost.example.com
Type: unauthorized
Detail: Invalid response from


