You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Jonesy <SP...@jonz.net> on 2018/12/25 15:14:30 UTC
[users@httpd] Re: acme-challenge folder exists but 404 contents
On Tue, 25 Dec 2018 00:49:41 -0600, Jerry Malcolm wrote:
> --------------5C1A8A0DD708D3B6F6BE8489
> Content-Type: text/plain; charset=utf-8; format=flowed
> Content-Transfer-Encoding: 8bit
>
> Update... I finally went back to my Sept conf and vhosts files. With the
> old configuration files, acme-challenge folder became available again.
> So I was able to get my certs refreshed, and I then restored the current
> conf files. That at least tells me it's something in the conf files.
> But I really don't want to make this my official process every three
> months when I refresh the certs. I guess I'll start with an A-B
> comparison of the conf files. But the only real significant change I
> can remember in the last three months was enabling http 2.0. Doesn't
> seem to me that anything in that area of config would be locking out
> folders with certain names (??). In any case, I can brute-force this
> and back out changes one by one. But if any of you have a hint as to
> what could be happening causing one specifically-named folder to be
> blocked (or a way to dig deeper into logs to figure it out), it'll save
> me a lot of time and effort.
>
> Thanks.
>
> Jerry
>
>
> On 12/24/2018 11:18 PM, Jerry Malcolm wrote:
>>
>> I have an apache install that has been up and running for months. I
>> use LetEncrypt for certificates. I went to renew all of my
>> certificates using an automated script that worked fine 3 months ago
>> on the last refresh. It failed on every domain saying the challenge
>> file was not found. I put a test.html file in
>> /.well-known/acme-challenge folder, and tried to access it with a
>> browser, and it gave me a 404. After moving the test.html file around
>> into other folders, it was found correctly in every folder except
>> acme-challenge. I even renamed acme-challenge to acme-challenge1 and
>> acme1challenge, and test.html was found in folders by those names.
>> Renamed it back to acme-challenge and I'm again getting 404. I have
>> about 15 virtual hosts defined. Exact same situation in every virtual
>> host The folder specifically named "acme-challenge" is somehow now
>> being blocked or hidden by apache.
>>
>> I'm using WAMP 3.1.3 (Apache 2.4.33). The only .htaccess file in the
>> entire wamp tree is in the php folder, and I'm not using php. I'd say
>> I haven't made any changes that would cause this problem since the
>> last time I refreshed certificates. But I guess I did 'something'.
>> But I'm clueless.
>>
>> One thing I did notice.... In the browser, if I look for a
>> non-existent file in any other folder, I get one 404 line saying the
>> requested file was not found on the server. Fine. But when I look
>> for that same non-existent file in the /.well-known/acme-challenge
>> folder, I get that same line. But I also get another line I haven't
>> seen before that says:
>>
>> Additionally, a 404 Not Found error was encountered while trying to
>> use an ErrorDocument to handle the request.
>>
>> So not only can't find the file, it can't find a file to tell me it
>> can't find the file... (???). But this line ONLY appears when trying
>> to get a file from that one specific directory named 'acme-challenge'.
>>
>> Help.... certs have expired....
>>
>> Thanks.
>>
>> Jerry
Well, just from the data you've shown, your _only_ failing
directory (.../.well-known/acme-challenge/) jumps out as the
only example in your testing that has a hyphenated directory name.
Maybe a red herring.....
Jonesy
--
Marvin L Jones | Marvin | W3DHJ.net | linux
38.238N 104.547W | @ jonz.net | Jonesy | FreeBSD
* Killfiling google & XXXXbanter.com: jonz.net/ng.htm
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Re: acme-challenge folder exists but 404 contents
Posted by Jerry Malcolm <te...@malcolms.com>.
On 12/25/2018 9:14 AM, Jonesy wrote:
> On Tue, 25 Dec 2018 00:49:41 -0600, Jerry Malcolm wrote:
>> --------------5C1A8A0DD708D3B6F6BE8489
>> Content-Type: text/plain; charset=utf-8; format=flowed
>> Content-Transfer-Encoding: 8bit
>>
>> Update... I finally went back to my Sept conf and vhosts files. With the
>> old configuration files, acme-challenge folder became available again.
>> So I was able to get my certs refreshed, and I then restored the current
>> conf files. That at least tells me it's something in the conf files.
>> But I really don't want to make this my official process every three
>> months when I refresh the certs. I guess I'll start with an A-B
>> comparison of the conf files. But the only real significant change I
>> can remember in the last three months was enabling http 2.0. Doesn't
>> seem to me that anything in that area of config would be locking out
>> folders with certain names (??). In any case, I can brute-force this
>> and back out changes one by one. But if any of you have a hint as to
>> what could be happening causing one specifically-named folder to be
>> blocked (or a way to dig deeper into logs to figure it out), it'll save
>> me a lot of time and effort.
>>
>> Thanks.
>>
>> Jerry
>>
>>
>> On 12/24/2018 11:18 PM, Jerry Malcolm wrote:
>>> I have an apache install that has been up and running for months. I
>>> use LetEncrypt for certificates. I went to renew all of my
>>> certificates using an automated script that worked fine 3 months ago
>>> on the last refresh. It failed on every domain saying the challenge
>>> file was not found. I put a test.html file in
>>> /.well-known/acme-challenge folder, and tried to access it with a
>>> browser, and it gave me a 404. After moving the test.html file around
>>> into other folders, it was found correctly in every folder except
>>> acme-challenge. I even renamed acme-challenge to acme-challenge1 and
>>> acme1challenge, and test.html was found in folders by those names.
>>> Renamed it back to acme-challenge and I'm again getting 404. I have
>>> about 15 virtual hosts defined. Exact same situation in every virtual
>>> host The folder specifically named "acme-challenge" is somehow now
>>> being blocked or hidden by apache.
>>>
>>> I'm using WAMP 3.1.3 (Apache 2.4.33). The only .htaccess file in the
>>> entire wamp tree is in the php folder, and I'm not using php. I'd say
>>> I haven't made any changes that would cause this problem since the
>>> last time I refreshed certificates. But I guess I did 'something'.
>>> But I'm clueless.
>>>
>>> One thing I did notice.... In the browser, if I look for a
>>> non-existent file in any other folder, I get one 404 line saying the
>>> requested file was not found on the server. Fine. But when I look
>>> for that same non-existent file in the /.well-known/acme-challenge
>>> folder, I get that same line. But I also get another line I haven't
>>> seen before that says:
>>>
>>> Additionally, a 404 Not Found error was encountered while trying to
>>> use an ErrorDocument to handle the request.
>>>
>>> So not only can't find the file, it can't find a file to tell me it
>>> can't find the file... (???). But this line ONLY appears when trying
>>> to get a file from that one specific directory named 'acme-challenge'.
>>>
>>> Help.... certs have expired....
>>>
>>> Thanks.
>>>
>>> Jerry
> Well, just from the data you've shown, your _only_ failing
> directory (.../.well-known/acme-challenge/) jumps out as the
> only example in your testing that has a hyphenated directory name.
>
> Maybe a red herring.....
> Jonesy
I had tried /.well-known/acme-challenge1, and it worked. But even if it
was a hyphen, assuming there is no .htaccess file, is there something in
the configuration that would say to hide all directories with hyphens?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org