Permalink
Browse files

Ensure apache access to the well-known directory

  • Loading branch information...
1 parent 9449111 commit 6551501b7ef78e030ffa3169a9c9409b80b4209d @jcameron jcameron committed Jan 3, 2017
Showing with 13 additions and 2 deletions.
  1. +13 −2 webmin/letsencrypt-lib.pl
@@ -52,9 +52,9 @@ sub request_letsencrypt_cert
# Create a challenges directory under the web root
my $challenge = "$webroot/.well-known/acme-challenge";
+my @st = stat($webroot);
+my $user = getpwuid($st[4]);
if (!-d $challenge) {
- my @st = stat($webroot);
- my $user = getpwuid($st[4]);
my $cmd = "mkdir -p -m 755 ".quotemeta($challenge);
if ($user && $user ne "root") {
$cmd = &command_as_user($user, 0, $cmd);
@@ -65,6 +65,17 @@ sub request_letsencrypt_cert
}
}
+# Create a .htaccess file to ensure the directory is accessible
+my $htaccess = "$challenge/.htaccess";
+if (!-r $htaccess) {
+ &open_tempfile(HT, ">$htaccess");
+ &print_tempfile(HT, "AuthType None\n");
+ &print_tempfile(HT, "Require all granted\n");
+ &print_tempfile(HT, "Satisfy any\n");
+ &close_tempfile(HT);
+ &set_ownership_permissions($user, undef, 0755, $htaccess);
+ }
+
if ($letsencrypt_cmd && -d "/etc/letsencrypt/accounts") {
# Use the native Let's Encrypt client if possible
my $temp = &transname();

0 comments on commit 6551501

Please sign in to comment.