by Devin Yang
(This article was automatically translated.)

Published - 3 years ago ( Updated - 3 years ago )

Let all requests that link to acme-challenge directory files be linked to a specific folder.

Apache
Represents all websites, if the folder opens /.well-known/acme-challenge/, it will open the directory I specified /home/nginx/acme- challenge/.well-known/acme-challenge/

Alias ​​/.well-known/acme-challenge/ "/home/nginx/acme -challenge/.well-known/acme-challenge/"

Nginx
Represents the web page connection /.well-known/acme-challenge/, The root directory of the website is /home/nginx/acme-challenge

location ^~ /.well-known/acme-challenge/ {
    default_type "text/plain";
    root /home/nginx/acme-challenge;
}

Some people may be curious about what to do with this, I will roughly explain my situation, super old host, no Docker can not install HAProxy or certbo, only apache and nginx.
But I need to automatically apply for and update the certificate on the host, so I let the host mount the folder on another host that can run the certbot program through NFS, and let the verification file generated by him be generated directly In the /home/nginx/acme-challenge/.well-known/acme-challenge/ directory on the old host,
the webpage can be successfully verified and the certificate can be obtained.

When there are a lot of vhosts, you can all eat the same folder, instead of creating a directory for each vhost website.

Tags: config ssl certbot

Devin Yang

Feel free to ask me, if you don't get it.:)

No Comment

Post your comment

Login is required to leave comments

Similar Stories


certbot,docker,ftp

curlftpfs introduction and manual certificate application

Situation sharing, imagine that you have WebHosting, which only provides FTP connection, and then you want to apply for a certificate manually. In this article, I share how I use Docker to install curlftpfs, mount the FTP folder of the remote host, and then execute certbot in the container to apply for an SSL certificate. Leaving aside the certificate application, when I first discovered the curlftpfs command, I found it very interesting, especially if you are a MacOS user and do not have a satisfactory FTP software at hand. You love scrolling through the command line as much as I do, so maybe you should love this command too. 🤭

config

3C Tech Center moved to GCP

I can't stand Bulehost's slow speed, and I have pulled DNS back to be directly managed by networksolutions. Adjust the DNS setting TTL to two hours, maybe it will be converted to other places.. Here are a few things that I personally don't like about Bulehost. 1. The host should be in the United States, and the speed is too slow. Two, no http/2. 3. The time zone of mysql cannot be adjusted. So decided to move to Google Cloud Platform...

linux,config

Ubuntu ppp0 renamed eth0

Not sure who will use it, but I encountered it myself, because my home is a floating IP. A software I installed cannot detect that the ppp0 network card is an external network, so changing the name can trick him into successfully installing it.