I’m not quite sure where I went wrong, but I can’t get Let’s Encrypt to work anymore. I can place a file and go to hxxps://www[dot]foo-bar[dot]com/.well-known/test.html but when I try hxxps://www[dot]foo-bar[dot]com/.well-known/test.html I get a 404 error.
Is there a way to determine the workflow of a web request to output on the server? If I could figure out the process that is causing port 80 to deny the file instead of showing it, then hopefully I can get Let’s Encrypt working again.
I’ve been racking my brain for days, and can’t seem to find a handle on this.
Yes. DNS lookup records are correct. Let’s Debug is showing “All OK” with the site as well. Something is catching the request at port 80 and redirecting it to a 404 error on the web server. If I look up the same file using port 443, it shows it without problem.
No, there aren’t any .htaccess files in the directory. So here’s something weird:
I can renew the Webmin SSL certificate just fine (Webmin > Webmin Configuration > SSL Encryption > Let’s Encrypt > Request Certificate), but it didn’t update the Usermin certificate (Webmin > Usermin Configuration > SSL Encryption > Current Certificate). I had to do that manually by selecting the Copy Certificate From Webmin button.
But…any of the other domains in Virtualmin redirect to that 404 error.
If you can’t browse to .well-known on the server filesystem, obviously LE can’t validate. You have to fix that. When you proxy or redirect, you must exclude .well-known from that and allow it to be served from the filesystem.
After some further digging, I found that I can browse a new test.html file I placed in the .well-known folder of the main Webmin server.
When I tried to access the original test.html from my first post, which had different content, I was immediately redirected to the main Webmin server’s file that I had just created.
Since the content was different, then that was the only clue I had. Now just to figure out why the redirect is occurring.
Have you tried turning off the cloudflare proxy while troubleshooting?
You mentioned that you are using cloudflare.
Turn off the proxy to show direct. Perhaps there is a conflict?