
I am slowly gaining trust in my
Let's Encrypt setup
and today I renewed my certificate. One thing I noticed
on the first tries was that the whole process left me with a
.well-known/acme-challenge directory in every website. Solution:
use the options for a general configuration item available in Apache which is
then inherited by all virtual hosts. So now I have in the general configuration
in
/etc/apache2/apache2.conf:
Alias /.well-known/acme-challenge/ "/home/httpd/html/.well-known/acme-challenge/"
<Directory "/home/httpd/html/.well-known/acme-challenge/">
AllowOverride None
Order allow,deny
Allow from all
</Directory>
So now there is only one directory filling up with challenge-response files
which is easier to clean out. I have seen filenames for challenge response with
a - at the start so
rm * started to complain.
The first complete change to https is on
Camp Wireless, Wireless Internet access on campsites.