Apache Auto Renew SSL on Password Protected site

I have a web site that is password protected using Apache basic autenticiation.

I used following code in Apache config to password protect.

<Directory "/var/www/html/">
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /etc/apache2/demo-sok-htpaswd
    Require valid-user
</Directory>

AuthType Basic

AuthName "Restricted Content"

AuthUserFile /etc/apache2/demo-sok-htpaswd

Require valid-user

</Directory>

The problem is when SSL need auto renew, it need url like http://domain/.well-known/ to be accessable with out any password for domain ownership verification.

To allow .well-known folder to be accessable with out password, i added following code in apache configuration file.

<Directory "/var/www/html/.well-known/">
    Require all granted
</Directory>

Require all granted

</Directory>

After restarting apache, urls startng with .well-known work with out needing any password.

See Apache, SSL, LetsEncrypt

Leave a Reply Cancel reply