61 lines
1.4 KiB
Markdown
61 lines
1.4 KiB
Markdown
# - Falls eine Authentifizierung `AuthType Basic` für das Wurzelverzeichnis `DocumentRoot`
|
|
# - definiert ist, so muss sichergestellt sein, dass die URI `/.well-known/acme-challenge/`
|
|
# - für die Let's Encrypt Server zur Verifizierung während des Zertifizierungsvorgangs
|
|
# - **ohne Authentifizierung** erreichbar ist:
|
|
|
|
# -----
|
|
# Apache Webserver
|
|
# -----
|
|
|
|
# - Apache 2.2 style
|
|
# -
|
|
<Location />
|
|
AuthType Basic
|
|
AuthName "Authentication Required"
|
|
AuthUserFile "/var/www/borg.oopen.de/.htpasswd"
|
|
Require valid-user
|
|
# - Allow Let's Encrypt Path
|
|
# -
|
|
SetEnvIf Request_URI ^/.well-known/acme-challenge(.*) allow
|
|
Order allow,deny
|
|
Allow from env=allow
|
|
Satisfy any
|
|
</Location>
|
|
|
|
# - Apache 2.4
|
|
# -
|
|
<Location />
|
|
AuthType Basic
|
|
AuthName "Authentication Required"
|
|
AuthUserFile "/var/www/borg.oopen.de/.htpasswd"
|
|
Require valid-user
|
|
# - Allow Let's Encrypt Path
|
|
# -
|
|
SetEnvIf Request_URI ^/.well-known/acme-challenge(.*) allow
|
|
Require env allow
|
|
</Location>
|
|
|
|
oder noch etwas einfacher:
|
|
|
|
<Location /.well-known>
|
|
Require all granted
|
|
</Location>
|
|
|
|
|
|
# -----
|
|
# - NGINX
|
|
# -----
|
|
|
|
## -
|
|
## - /etc/nginx/snippets/letsencrypt-acme-challenge.conf:
|
|
## -
|
|
location /.well-known/acme-challenge/ {
|
|
alias /var/www/dehydrated/;
|
|
|
|
location ~ /.well-known/acme-challenge/(.*) {
|
|
default_type text/plain;
|
|
}
|
|
|
|
auth_basic off;
|
|
}
|