Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Scott Faulkner 2 posts 72 karma points
    Jan 15, 2021 @ 19:24
    Scott Faulkner
    0

    Umbraco 8 + appservice-acmebot Let's Encrypt

    Has anyone integrated Umbraco 8+ with appservice-acmebot (https://github.com/shibayan/appservice-acmebot) to automate the issuance and renewal of certificates through Let's Encrypt? Just not able to get it working while keeping the site and backoffice working, too. The problem is that Umbraco always intercepts the call to http://domain/.well-known/... Have set both Umbraco.Core.ReservedUrls and Umbraco.Core.ReservedPaths to various combinations of ~/.well-known, ~/.well-known/, ~/.well-known/acme-challenge, ~/.well-known/acme-challenge/ with no luck. It's as if those settings are not actually implemented within Umbraco.

  • Bo Jacobsen 430 posts 1809 karma points
    Jan 15, 2021 @ 21:24
    Bo Jacobsen
    0

    Hi Scott.

    You need a rewrite rule like

    <rule name="Allow LetsEncrypt" patternSyntax="Wildcard" stopProcessing="true">
         <match url=".well-known/*" />
          <action type="None" />
    </rule>
    
  • Scott Faulkner 2 posts 72 karma points
    Jan 15, 2021 @ 21:50
    Scott Faulkner
    0

    Forgot to mention that I tried that, too. Still handled by Umbraco.

  • Bo Jacobsen 430 posts 1809 karma points
    Jan 16, 2021 @ 10:39
    Bo Jacobsen
    1

    You might have to set the reservedUrls and put a web.config inside the .well-known folder.

    When i am back om work on monday, i will post what we do to make it work.

  • Ilyas Balgabekov 9 posts 79 karma points
    Jan 18, 2021 @ 04:51
    Ilyas Balgabekov
    0

    Hello, Scott. I'm just adding that in my web.config.

    <appSettings>
        <add key="umbracoReservedPaths" value="~/umbraco,~/install/,~/.well-known" />
    </appSettings>
    
  • Bo Jacobsen 430 posts 1809 karma points
    Jan 18, 2021 @ 09:53
    Bo Jacobsen
    0

    Hi Scott.

    We do this to be 100% sure that it works. (You might not need it all)

    web.config

      <appSettings>
        <add key="Umbraco.Core.ReservedPaths" value="~/.well-known" />
      </appSettings>
      <system.webServer>
        <rewrite>
          <rules>
            <!-- This have to be the first rule -->
            <rule name="Allow SSL renewal" patternSyntax="Wildcard" stopProcessing="true">
              <match url=".well-known/acme-challenge/*" />
              <action type="None" />
            </rule>
          </rules>
        </rewrite>
      </system.webServer>
    

    .well-known/web.config

    <?xml version="1.0" encoding="utf-8" ?>
    <configuration>
      <system.webServer>
        <validation validateIntegratedModeConfiguration="false"/>
        <handlers>
          <remove name="aspNetCore"/>
        </handlers>
        <rewrite>
          <rules>
            <clear />
            <rule name="AcmeChallenge" stopProcessing="true">
              <match url=".*" />
              <action type="Rewrite" url="{R:0}.txt" appendQueryString="false" />
            </rule>
          </rules>
        </rewrite>
      </system.webServer>
      <system.web>
        <authorization>
          <allow users="*"/>
        </authorization>
      </system.web>
    </configuration>
    
Please Sign in or register to post replies

Write your reply to:

Draft