Last active
December 6, 2015 18:04
-
-
Save swizzlevixen/606a66b0c4ce06dabf06 to your computer and use it in GitHub Desktop.
Revisions
-
Mark Boszko revised this gist
Dec 6, 2015 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -30,4 +30,4 @@ In `Library/Server/Web/Config/apache2/httpd_webdavsharing.conf`, there is this l `RewriteCond %{REQUEST_URI} !^/.well-known/.*` …which seems to be overriding my attempts to grab that particular pattern. (There are also several other directory patterns here that surprised me, since I didn't know they were reserved.) None of the services I'm currently running seem to need WebDAV, so I'm not sure why these rules are still being loaded. I tried commenting out the line above, to no avail. -
Dec 6, 2015 . 1 changed file with 9 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -22,4 +22,12 @@ any other directory name that I could think of to test. Is `/.well-known` reserved by the system for some reason, and is there any way to resolve this conflict? The `letsencrypt` client seems to be hard wired to look for the challenge answer at this path, but it's the one path that it seems I can't control on OS X Server. ## Update: WebDAV In `Library/Server/Web/Config/apache2/httpd_webdavsharing.conf`, there is this line: `RewriteCond %{REQUEST_URI} !^/.well-known/.*` ...which seems to be overriding my attempts to grab that particular pattern. None of the services I'm currently running seem to need WebDAV, so I'm not sure why these rules are still being loaded. I tried commenting out the line above, to no avail. -
Dec 6, 2015 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -17,8 +17,8 @@ even while OS X Server's Web services are turned on and reponding otherwise norm I thought I might be able to rewrite or redirect from `/.well-known` to a different directory on my server, but having tried both of those tacks via .htaccess overrides, as well as with the OS X Server GUI Aliases and Redirects settings, nothing I do will seem to make the server respond to an URL including `/.well-known`, despite being able to alias and redirect any other directory name that I could think of to test. Is `/.well-known` reserved by the system for some reason, and is there any way to resolve this conflict? The `letsencrypt` client seems to be hard wired to look for the challenge answer at -
Dec 6, 2015 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -8,7 +8,7 @@ at the URL path: `http://example.com/.well-known/acme-challenge/<challenge key>` However, while dot-hidden paths like `/.the-directory` are served just fine, I seem to have narrowed down that `/.well-known`, in specific, always returns a 503 error message, even while OS X Server's Web services are turned on and reponding otherwise normally: > Websites are turned off. -
Dec 6, 2015 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,7 +2,7 @@ I'm trying to figure out if **OS X Server** has, for some reason, reserved the d name `/.well-known`, and if so, how to work around it, so that I can authenticate my server for requesting an SSL certificate with [letsencrypt.org](https://letsencrypt.org/howitworks/). During the `letsencrypt` authentication process, I must put a challenge response on my server, at the URL path: `http://example.com/.well-known/acme-challenge/<challenge key>` -
Dec 6, 2015 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -20,6 +20,6 @@ with the OS X Server GUI Aliases and Redirects settings, nothing I do will seem the server respond to an URL including `/.well-known`, despite being about to alias and redirect any other directory name I was able to test. Is `/.well-known` reserved by the system for some reason, and is there any way to resolve this conflict? The `letsencrypt` client seems to be hard wired to look for the challenge answer at this path, but it's the one path that it seems I can't control on OS X Server. -
Dec 6, 2015 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -11,7 +11,7 @@ However, while dot-hidden paths like `/.the-directory` are served just fine, I s that `/.well-known`, in specific, always returns a 503 error message, and with an odd message, even while OS X Server's Web services are turned on and reponding otherwise normally: > Websites are turned off. > An administrator can turn them on using the Server application. I thought I might be able to rewrite or redirect from `/.well-known` to a different directory -
Dec 6, 2015 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,25 @@ I'm trying to figure out if **OS X Server** has, for some reason, reserved the directory name `/.well-known`, and if so, how to work around it, so that I can authenticate my server for requesting an SSL certificate with [letsencrypt.org](https://letsencrypt.org/howitworks/). During the authentication process, I must put a challenge response on my server, at the URL path: `http://example.com/.well-known/acme-challenge/<challenge key>` However, while dot-hidden paths like `/.the-directory` are served just fine, I seem to have narrowed down that `/.well-known`, in specific, always returns a 503 error message, and with an odd message, even while OS X Server's Web services are turned on and reponding otherwise normally: > Websites are turned off. > An administrator can turn them on using the Server application. I thought I might be able to rewrite or redirect from `/.well-known` to a different directory on my server, but having tried both of those tacks via .htaccess overrides, as well as with the OS X Server GUI Aliases and Redirects settings, nothing I do will seem to make the server respond to an URL including `/.well-known`, despite being about to alias and redirect any other directory name I was able to test. Is '/.well-known` reserved by the system for some reason, and is there any way to resolve this conflict? The `letsencrypt` client seems to be hard wired to look for the challenge answer at this path, but it's the one path that it seems I can't control on OS X Server.
Mark Boszko
revised
this gist