Letencrypt django webroot

Question

Letencrypt django webroot

I am trying to configure nginx and django to be able to renew certificates. However, something is wrong with my web plugin plugin

in nginx:

location ~ /.well-known { allow all; }

But when I ran the renew command:

 ./letsencrypt-auto certonly -a webroot --agree-tos --renew-by-default --webroot-path=/home/sult/huppels -d huppels.nl -d www.huppels.nl

However, it seems that the certificate update wants to receive the file from my server, because I am getting the following error.

The servers reported the following errors:

Error authorization procedure. www.huppels.nl (http-01): urn: acme: error: unauthorized :: Client lacks sufficient permission :: Wrong answer from http://www.huppels.nl/.well-known/acme-challenge/some_long_hash [51.254.101.239]: 400

How to make this possible with nginx or django?

+6

django nginx

Hans de jong Mar 12 '16 at 17:25

source share

1 answer

Sean norwood · Accepted Answer · 2016-08-15T03:55:03+0000

I have a Django application that works with a cannon. I followed the instructions here .

I have definitely included the correct location blocks:

 location /static { alias /home/user/webapp; } location / { proxy_pass http://127.0.0.1:8000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; }

Be sure to include any template location alias.

I set up a known location block like this:

 location /.well-known { alias /home/user/webapp/.well-known; }

By indicating that it directly does the root of the webapp instead of using allow all.

I needed to make sure that I used only the non ssl block before receiving the certificate, then I used a different nginx configuration based on h5bps nginx configs.

Note. Make sure you have the appropriate A records for the domain pointing to www if you intend to use h5bp to redirect to www.

Letencrypt django webroot

More articles: