Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Letsencrypt with webroot on Apache

Config Apache with /etc/apache2/conf-available/le.conf:

Alias /.well-known/acme-challenge/ "/var/www/html/.well-known/acme-challenge/"
<Directory "/var/www/html/">
    AllowOverride None
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS
</Directory>

Enable config:

sudo a2enconf le

Install cert / renew cert:

certbot-auto certonly --non-interactive --register-unsafely-without-email --agree-tos --expand --webroot --webroot-path /var/www/html --domain my-domain.org
certbot-auto renew --webroot --webroot-path /var/www/html --no-self-upgrade
@No3x

This comment has been minimized.

Copy link

@No3x No3x commented Mar 12, 2018

This works well even with virtual hosts and their mapping via ServerName.

@runningnet

This comment has been minimized.

Copy link

@runningnet runningnet commented Apr 5, 2018

Thanks, that help me!

@slat

This comment has been minimized.

Copy link

@slat slat commented Apr 14, 2018

Thanks, I had to set an additional proxy condition to ensure mod_proxy wouldn't interfere.
ProxyPass /.well-known !
ProxyPass / http://127.0.0.1:9999/

@myrdd

This comment has been minimized.

Copy link

@myrdd myrdd commented Jun 12, 2018

Thank you @slat, this works great!

@jacksdrobinson

This comment has been minimized.

Copy link

@jacksdrobinson jacksdrobinson commented Sep 20, 2018

This was my answer after an afternoon of work. Cheers.

@okainov

This comment has been minimized.

Copy link

@okainov okainov commented Nov 16, 2018

Just a note - if will not work if somewhere in other Apache sites you have Location / block - it will override this configuration. I solved it by removing Location block at all

@tomredman

This comment has been minimized.

Copy link

@tomredman tomredman commented Jan 23, 2019

Thanks so much for sharing this!

@norayr

This comment has been minimized.

Copy link

@norayr norayr commented Apr 20, 2020

Thanks, I had to set an additional proxy condition to ensure mod_proxy wouldn't interfere.
ProxyPass /.well-known !
ProxyPass / http://127.0.0.1:9999/

thank you @slat, that was very helpful for my mastodon instance. (:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment