-
Notifications
You must be signed in to change notification settings - Fork 25
Rewrite rules in htaccess cause an error: The client lacks sufficient authorization #13
Comments
The same goes for me, see: http://talk.plesk.com/threads/lets-encrypt-support.334195/ |
Same Problem here. |
Same problem here:
Any solution or idea how to fix this? |
According to the comments here: https://ext.plesk.com/packages/f6847e61-33a7-4104-8dc9-d26a0183a8dd-letsencrypt Eugene Kazakov: So I just disabled my .htaccess file to install the certificate. It worked fine. Regards |
argg.. the two domains I tested on were also tests for Cloud flare... another domain worked fine. |
Changing the .htaccess worked but that's not a solution, 'cause I'm not willing to rename it every 90 days. |
Same problem when using BasicAuth. |
Guys, could post here (or in gists) the content of your .htaccess files blocking the validation? |
Great it works if you delete the .htaccess file and create the certifikate. Than copy the .htaccess file back to the domain and it works. |
<IfModule mod_headers.c>
<IfModule mod_fcgid.c>
<IfModule mod_setenvif.c>
SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
</IfModule>
</IfModule>
<IfModule mod_env.c>
# Add security and privacy related headers
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
Header set X-Robots-Tag "none"
Header set X-Frame-Options "SAMEORIGIN"
SetEnv modHeadersAvailable true
</IfModule>
# Add cache control for CSS and JS files
<FilesMatch "\.(css|js)$">
Header set Cache-Control "max-age=7200, public"
</FilesMatch>
</IfModule>
<IfModule mod_php5.c>
php_value upload_max_filesize 512M
php_value post_max_size 512M
php_value memory_limit 512M
php_value mbstring.func_overload 0
php_value always_populate_raw_post_data -1
php_value default_charset 'UTF-8'
php_value output_buffering 0
<IfModule mod_env.c>
SetEnv htaccessWorking true
</IfModule>
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
RewriteRule ^\.well-known/carddav /remote.php/carddav/ [R=301,L]
RewriteRule ^\.well-known/caldav /remote.php/caldav/ [R=301,L]
RewriteRule ^apps/calendar/caldav\.php remote.php/caldav/ [QSA,L]
RewriteRule ^apps/contacts/carddav\.php remote.php/carddav/ [QSA,L]
RewriteRule ^remote/(.*) remote.php [QSA,L]
RewriteRule ^(build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
RewriteRule ^(\.|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>
<IfModule mod_mime.c>
AddType image/svg+xml svg svgz
AddEncoding gzip svgz
</IfModule>
<IfModule mod_dir.c>
DirectoryIndex index.php index.html
</IfModule>
AddDefaultCharset utf-8
Options -Indexes
<IfModule pagespeed_module>
ModPagespeed Off
</IfModule> |
I have the same problem only on owncloud. And i don´t understand Liwindow´s last post . |
djimno - the own cloud .htaccess does indeed block LetsEncrypt - the temporary solution is move the .htaccess file to .htaccess.bak or similar, generate the certificate, then move it back (temporary outage) LiWindow's post is a reply to: Feel free to post the .htaccess for your own ownCloud to help diagnose this |
My .htaccess
|
Guys, I'd like to have a proof of concept the proposed fix: put the file
Please, write back about results: is the renewal successful? |
I "think" it works - unfortunately I just got an error message saying that it couldn't replace the current certificate, and when I fixed that I hit the limit for max certificates a day :( However, the certificate was successfully issued (and placed in the folder) so this does appear to be a solution currently |
The certificate is created but not added in the Plesk-GUI. |
Thanks @xgin, that works very well! |
The message |
+1 Same case with drupal installations. |
Great! Thanks for the |
Could this be due to the preferred domain setting, where you can select wether it should prefer "www.", without or "I don't care"? |
I had the same issue with a drupal install and found that there is a default rule in the drupal 7 .htaccess file which forbid access to hidden directories:
A workaround is to add a RewriteCond just before the rewrite rule but it would be better if we didn't have to alter the default .htaccess
|
Getting.. (logged in as root user have tried admin user also)
Error: Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: 2015-12-04 18:52:36,802:WARNING:letsencrypt.cli:Root (sudo) is required to run most of letsencrypt functionality.
Failed authorization procedure. a_domain.co.uk (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://a_domain.co.uk.co.uk/.well-known/acme-challenge/0wPfl4lr8OFueUZVgmoJkBT97AE6i_1qG3P0tg0oetI [212.38.162.227]: 404
IMPORTANT NOTES:
the server:
Domains: a_domain.co.uk.co.uk
Error: The client lacks sufficient authorization
The text was updated successfully, but these errors were encountered: