EPrints Technical Mailing List Archive
See the EPrints wiki for instructions on how to join this mailing list and related information.
Message: #08154
< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First
[EP-tech] LetsEncrypt / EPrints Rewrite rules
- To: "'eprints-tech@ecs.soton.ac.uk'" <eprints-tech@ecs.soton.ac.uk>
- Subject: [EP-tech] LetsEncrypt / EPrints Rewrite rules
- From: John Salter <J.Salter@leeds.ac.uk>
- Date: Thu, 7 May 2020 12:41:39 +0000
Hi, https://wiki.eprints.org/w/Setting_up_HTTPS_using_Let%27s_Encrypt and wondering how they actually work alongside an EPrints install. In the EPrints::Apache::Rewrite module (which would normally handle anything in the EPrints' domain, there is a specific rule declining access to anything including '/.'. The normal LetsEncrypt issuance/renewal process uses an asynchronous challenge/response to the server - normally to a URL like: This contains the '/.' string, so the EPrints stack rejects the request. There are two resolutions to this: 1)
Add a rule to the Apache config to prevent the EPrints stack handling the '.well-known' directory 2)
Add a URL rewrite trigger to serve the '.well-known' directory (if it exists). For my test server, I have gone down the second of these routes - and will add details to the Wiki page. Can someone using LetsEncrypt confirm that the above is correct - and provide an example of the Apache config used? There may be other approaches - LetsEncrypt has various mechanisms, but the Apache or Webroot ones are the most relevant here I think. Cheers, John John Salter http://orcid.org/0000-0002-8611-8266 |
- Follow-Ups:
- [EP-tech] LetsEncrypt / EPrints Rewrite rules
- From: John Salter <J.Salter@leeds.ac.uk>
- [EP-tech] LetsEncrypt / EPrints Rewrite rules
- References:
- [EP-tech] LetsEncrypt / EPrints Rewrite rules
- From: John Salter <J.Salter@leeds.ac.uk>
- [EP-tech] LetsEncrypt / EPrints Rewrite rules
- Prev by Date: [EP-tech] reindex some PDF give Duplicate entry error
- Next by Date: [EP-tech] Different field labels
- Previous by thread: [EP-tech] EPrints/CRIS
- Next by thread: [EP-tech] DOI handling in orcid_support_advance
- Index(es):