Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
--http-01-port/--dvsni-port ignored by auth check from --server #1357
As I don't want to shutdown my web server (running multiple VHosts) for cert creation/renewal, I've tried using the
Note the missing port in the URL – which made the running Apache answer the request; the Apache logs confirm this:
So somehow the detail which port to use gets lost on the way to the remote server (boulder).
System: Debian Wheezy with the client just installed a few hours ago via
(note that I've added
I don't want a downtime of several minutes just for refreshing certs – and I don't want to risk Apache not starting up if something goes wrong. So what's the correct way to have the challenge using different ports then? Related issue: #1164
referenced this issue
Nov 5, 2015
I'm sorry for any confusion the existence of these flags caused. The
As you do not want to shutdown your server or use the Apache plugin, I recommend you take a look at webroot. The basic idea here is to use your existing webserver to serve the files that need to be provisioned for domain validation. No shutdown of Apache necessary.
Thanks for the explanation! Indeed it's a bit confusing why the client is able to switch ports while the server doesn't support it (so I've suspected the documentation being "behind", as it doesn't seem to make sense).
Also thanks for the pointer with webroot, which indeed seems to be the answer to my issue; I will try that instead then. Though if I understand correctly, that requires to setup some
PS: For some practical examples on using "webroot", it might be worth seeing the discussion on its initial article in Using the webroot domain verification method. While the article itself might be slightly outdated (some steps no longer apply with that patch being merged), the comments below it give several good examples for Apache and Nginx.