htaccess的Letsencrypt [英] Letsencrypt with htaccess
问题描述
这是我当前对/frontend/web的htaccess配置
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME} [R,L]
# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule . index.php
我正在尝试插入以下内容:
RewriteCond %{REQUEST_URI} !^.well-known/acme-challenge/$
或
RewriteCond %{REQUEST_URI} ! /\.well-known|^\.well-known
上方
RewriteRule ^.*$ https://%{SERVER_NAME} [R,L]
创建letsecnrypt证书,但是这些都不起作用.
to create letsecnrypt certificate, but none of this is working.
Letsencrypt命令创建证书(调试Coz Centos6):
Letsencrypt command to create certificate (debug coz Centos6):
./letsencrypt-auto --debug certonly --webroot -w /var/www/html/example.com/frontend/web/ --email example@gmail.com --domains example.com
让加密错误:
The following errors were reported by the server:
Domain: example.com
Type: unauthorized
Detail: Invalid response from
http://example.com/.well-known/acme-challenge/%acme%
上面的链接将我带到站点协议的HTTPS版本.如果删除对https的重定向,则会在成功接收证书时收到一条消息.结论:.well-known继续发送到https,我的设置不起作用,我在做什么错了?
Link above leads me to the HTTPS version of the site protocol. If I remove a redirect to https, I get a message on the successful receipt of the certificate . conclusion : .well-known continues to be sent to the https , my settings did not work , what am I doing wrong?
推荐答案
只需从您的HTTPS重定向中排除.well-known,否则它将保留位置并且是永久的:
Just exclude .well-known from your HTTPS redirect, otherwise it should preserve location and be permanent:
RewriteRule ^(?!\.well-known(?:$|/)).* https://%{SERVER_NAME}/$0 [R=301,L]
编辑:最干净的方法,无需更改任何规则,就是在所有其他规则之前添加一条单独的规则,以有效地禁止对该目录进行重写,如下所示:
The cleanest way to do this without having to change any rules is to add a separate rule, before all others, that effectively disables rewriting for the directory, like this:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^\.well-known/.+ - [END]
文件存在性检查是可选的,并且省略它意味着您的服务器的默认错误响应将显示,而不是任何自定义错误页面.
The file existence check is optional, and omitting it means your server's default error response will show rather than any custom error page.
这篇关于htaccess的Letsencrypt的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
