From users-return-118296-archive-asf-public=cust-asf.ponee.io@httpd.apache.org Tue Dec 25 07:49:51 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 8FD00180645 for ; Tue, 25 Dec 2018 07:49:50 +0100 (CET) Received: (qmail 98323 invoked by uid 500); 25 Dec 2018 06:49:48 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 98312 invoked by uid 99); 25 Dec 2018 06:49:48 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Dec 2018 06:49:48 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 5AA25180653 for ; Tue, 25 Dec 2018 06:49:48 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.999 X-Spam-Level: * X-Spam-Status: No, score=1.999 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=2, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd3-us-west.apache.org (amavisd-new); dkim=pass (1024-bit key) header.d=jwmhosting.com Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id U8CqqGE9o0Cw for ; Tue, 25 Dec 2018 06:49:45 +0000 (UTC) Received: from mx3.jwmhosting.com (jwmhosting.com [64.34.196.231]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTP id 1F2DC5F52B for ; Tue, 25 Dec 2018 06:49:43 +0000 (UTC) DKIM-Signature: a=rsa-sha256; b=nerbipXV9V8ufwZwTd0cwdsY3eysedFAAF/5gwJgQy222swj0V5rS6VpJLgIQJF7PNhdqPUL3WBWRckw7dc7yf5j3rZS4ZiwQEYHDywR8y2nEQsX6X5PTqYBblhl+EKROHLxVarc/ETdb7uEBVIZnreVfVM+MXs46qYI69s+hhM=; s=primary; c=relaxed/relaxed; d=jwmhosting.com; v=1; bh=+ZWBHwqlU5yK2hMnQmeTGRWIK4157rZIhIX0HKbtQ3g=; h=Message-ID:Date:Subject:From:To:MIME-Version:Content-Type; MIME-Version: 1.0 X-Processor-Root: true X-Processor-Authorized-Outbound: true X_JWMH_OUTBOUND: true X_JWMH_FLAG: $label3 X_JWMH_TGTFOLDER: Apache Forums.httpd Users X-Processor-Transport: true X-UserIsAuth: true Received: from cpe-66-68-42-68.austin.res.rr.com (EHLO [192.168.0.202]) ([66.68.42.68]) by jwmhosting.com (JAMES SMTP Server ) with ESMTPA ID 504826805 for ; Tue, 25 Dec 2018 00:49:42 -0600 (CST) To: users@httpd.apache.org References: <87013c07-f871-6945-1b6d-02c1b2921bf1@malcolms.com> From: Jerry Malcolm Message-ID: <7a2b5469-4be9-2738-bb97-20aa8e474368@malcolms.com> Date: Tue, 25 Dec 2018 00:49:41 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.3.3 In-Reply-To: <87013c07-f871-6945-1b6d-02c1b2921bf1@malcolms.com> Content-Type: multipart/alternative; boundary="------------5C1A8A0DD708D3B6F6BE8489" Content-Language: en-US Subject: Re: [users@httpd] acme-challenge folder exists but 404 contents --------------5C1A8A0DD708D3B6F6BE8489 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Update... I finally went back to my Sept conf and vhosts files. With the old configuration files, acme-challenge folder became available again.  So I was able to get my certs refreshed, and I then restored the current conf files.  That at least tells me it's something in the conf files.  But I really don't want to make this my official process every three months when I refresh the certs. I guess I'll start with an A-B comparison of the conf files.  But the only real significant change I can remember in the last three months was enabling http 2.0.  Doesn't seem to me that anything in that area of config would be locking out folders with certain names (??).  In any case, I can brute-force this and back out changes one by one.  But if any of you have a hint as to what could be happening causing one specifically-named folder to be blocked (or a way to dig deeper into logs to figure it out), it'll save me a lot of time and effort. Thanks. Jerry On 12/24/2018 11:18 PM, Jerry Malcolm wrote: > > I have an apache install that has been up and running for months.  I > use LetEncrypt for certificates.  I went to renew all of my > certificates using an automated script that worked fine 3 months ago > on the last refresh.  It failed on every domain saying the challenge > file was not found.  I put a test.html file in > /.well-known/acme-challenge folder, and tried to access it with a > browser, and it gave me a 404.  After moving the test.html file around > into other folders, it was found correctly in every folder except > acme-challenge.  I even renamed acme-challenge to acme-challenge1 and > acme1challenge, and test.html was found in folders by those names.  > Renamed it back to acme-challenge and I'm again getting 404.  I have > about 15 virtual hosts defined.  Exact same situation in every virtual > host  The folder specifically named "acme-challenge" is somehow now > being blocked or hidden by apache. > > I'm using WAMP 3.1.3 (Apache 2.4.33).  The only .htaccess file in the > entire wamp tree is in the php folder, and I'm not using php.  I'd say > I haven't made any changes that would cause this problem since the > last time I refreshed certificates.  But I guess I did 'something'.  > But I'm clueless. > > One thing I did notice.... In the browser, if I look for a > non-existent file in any other folder, I get one 404 line saying the > requested file was not found on the server.  Fine.  But when I look > for that same non-existent file in the /.well-known/acme-challenge > folder, I get that same line.  But I also get another line I haven't > seen before that says: > > Additionally, a 404 Not Found error was encountered while trying to > use an ErrorDocument to handle the request. > > So not only can't find the file, it can't find a file to tell me it > can't find the file... (???). But this line ONLY appears when trying > to get a file from that one specific directory named 'acme-challenge'. > > Help.... certs have expired.... > > Thanks. > > Jerry > --------------5C1A8A0DD708D3B6F6BE8489 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit

Update... I finally went back to my Sept conf and vhosts files. With the old configuration files, acme-challenge folder became available again.  So I was able to get my certs refreshed, and I then restored the current conf files.  That at least tells me it's something in the conf files.  But I really don't want to make this my official process every three months when I refresh the certs.  I guess I'll start with an A-B comparison of the conf files.  But the only real significant change I can remember in the last three months was enabling http 2.0.  Doesn't seem to me that anything in that area of config would be locking out folders with certain names (??).  In any case, I can brute-force this and back out changes one by one.  But if any of you have a hint as to what could be happening causing one specifically-named folder to be blocked (or a way to dig deeper into logs to figure it out), it'll save me a lot of time and effort.

Thanks.

Jerry


On 12/24/2018 11:18 PM, Jerry Malcolm wrote:

I have an apache install that has been up and running for months.  I use LetEncrypt for certificates.  I went to renew all of my certificates using an automated script that worked fine 3 months ago on the last refresh.  It failed on every domain saying the challenge file was not found.  I put a test.html file in /.well-known/acme-challenge folder, and tried to access it with a browser, and it gave me a 404.  After moving the test.html file around into other folders, it was found correctly in every folder except acme-challenge.  I even renamed acme-challenge to acme-challenge1 and acme1challenge, and test.html was found in folders by those names.  Renamed it back to acme-challenge and I'm again getting 404.  I have about 15 virtual hosts defined.  Exact same situation in every virtual host  The folder specifically named "acme-challenge" is somehow now being blocked or hidden by apache.

I'm using WAMP 3.1.3 (Apache 2.4.33).  The only .htaccess file in the entire wamp tree is in the php folder, and I'm not using php.  I'd say I haven't made any changes that would cause this problem since the last time I refreshed certificates.  But I guess I did 'something'.  But I'm clueless.

One thing I did notice.... In the browser, if I look for a non-existent file in any other folder, I get one 404 line saying the requested file was not found on the server.  Fine.  But when I look for that same non-existent file in the /.well-known/acme-challenge folder, I get that same line.  But I also get another line I haven't seen before that says:

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

So not only can't find the file, it can't find a file to tell me it can't find the file... (???).  But this line ONLY appears when trying to get a file from that one specific directory named 'acme-challenge'.

Help.... certs have expired....

Thanks.

Jerry

--------------5C1A8A0DD708D3B6F6BE8489--