Download raw body.
/etc/examples/httpd.conf: remove acme-challenge location from tls block
/etc/examples/httpd.conf: remove acme-challenge location from tls block
/etc/examples/httpd.conf: remove acme-challenge location from tls block
Lucas de Sena wrote (2025-01-13 23:53 CET):
> This patch removes the acme-challenge location from the TLS block in
> httpd.conf(5) example for port 443 (HTTPS). Per RFC 8555, section 8.3
> (https://www.rfc-editor.org/rfc/rfc8555#section-8.3):
>
> > the challenge must be completed over HTTP, not HTTPS
>
> There is no point in providing that location on HTTPS too.
>
> diff /usr/src
> path + /usr/src
> commit - 7b08975fc0d222558ca53c00d21416b54423d3bb
> blob - 3083d9703824057bf4645397afdcb308298aeb14
> file + etc/examples/httpd.conf
> --- etc/examples/httpd.conf
> +++ etc/examples/httpd.conf
> @@ -20,8 +20,4 @@ server "example.com" {
> location "/pub/*" {
> directory auto index
> }
> - location "/.well-known/acme-challenge/*" {
> - root "/acme"
> - request strip 2
> - }
> }
Agreed, the challenge types that run over 443 are working differently.
ok sdk@
Best regards,
Stefan
/etc/examples/httpd.conf: remove acme-challenge location from tls block
/etc/examples/httpd.conf: remove acme-challenge location from tls block
/etc/examples/httpd.conf: remove acme-challenge location from tls block