Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Possible IW Bug serving files folders with hyphen
#1
Hi,
In IW wwwroot, I have a folder ".well-known" and a subfolder "acme-challenge".

Then I put a file to test("test.txt") at 
Code:
wwwroot/.well-known/acme-challenge/test.txt

In the Browser when I try access the file using:
http://127.0.0.1//.well-known/acme-challenge/test.txt

IW returns to browser an error "Resource not found".

If I get rid off the hyphen from "acme-challenge" and change to "acme_challenge".
And I use  http://127.0.0.1//.well-known/acme_challenge/test.txt   then  IW find the fille and shows in the browser.

Is it a IW bug or am I doing something wrong?
Reply
#2
acme-challenge file is not supposed to be under wwwroot

Create a folder named acme-challenge under your application folder (this new folder will be in the same level where wwwroot folder is), and put your file there.

You also need to enable EnableACME property on ServerController.SSLOptions. Then the file will be retrieved.
Reply
#3
Hi, Alexandre,

When creating a SSL in zeroSSL site, It says I have to put the chalenge into ".well-known/acme-challenge" not into "acme-challenge'.
Can you confirm it?

From zeroSSL:
Verification
To verify domain ownership using HTTP verification, you will need to create appropriate files with specific text strings under your "webroot/.well-known/acme-challenge/" directory, where "webroot" is the main directory with your website pages. Please make sure that the files you have created are actually accessible (by clicking the links below in the File column) and have proper content before clicking "Next".
Domain
Filetechaboutweb.myvnc.com
36Uq8wCvx1YEzPxX-hDPDO5-xr7WLi3A_u_GqoAeXXX
Text: 36Uq8wCvx1YEzPxX-hDPDO5-xr7WLi3A_u_GqoCCCCCAeasdfaK4.wAJFtVdbhUdivX8S-P1giJnHHUgpMFrUOgFKvV-eWLc


If i put the challenge into 'acme-challenge" folder as you said I get an error:

Verification results
Some domains have failed verification. Please study the list below and then click "Next" to try requesting new challenges for them. Note: the challenge values will be different.
Domain
Errortechaboutweb.myvnc.com
Invalid response from http://techaboutweb.myvnc.com/.well-know...u_GqoAeaK4 [18.220.225.58]: "<!DOCTYPE HTML><html><head><META HTTP-EQUIV=\"Content-Type\" content=\"text/html; charset=utf-8\"><META HTTP-EQUIV=\"Expires\" CONTENT"


Luiz
Reply
#4
Forget what ZeroSSL says. The acme-challenge directory *is not* under .well-known and *is not* under wwwroot.

Do exactly as explained and it will work.

<Your application folder>
|----- wwwroot
|----- acme-challenge
Reply
#5
Hi Alexandre,
I did and this is not working.
ZeroSSL is unable to get a response from IW with this config:
<Your application folder>
|----- wwwroot
|----- acme-challenge

Verification results
Some domains have failed verification. Please study the list below and then click "Next" to try requesting new challenges for them. Note: the challenge values will be different.
Domain
Errortechaboutweb.myvnc.com
Invalid response from http://techaboutweb.myvnc.com/.well-know...u_GqoAeaK4 [18.220.225.58]: "<!DOCTYPE HTML><html><head><META HTTP-EQUIV=\"Content-Type\" content=\"text/html; charset=utf-8\"><META HTTP-EQUIV=\"Expires\" CONTENT"


I enabled ACME in servercontroller and create a folder as you said. I put the challenge  file into folder and this is not working.
zeroSSL is not finding the challenge file in acme-challenge folder

Here is the images with the configs:

https://www.dropbox.com/s/g2y5twc40hjaq5r/ssl1.jpg?dl=0

https://www.dropbox.com/s/p9wlhpxyx3ue57h/ssl2.jpg?dl=0

https://www.dropbox.com/s/tv8ma1hvqmad6ro/ssl3.jpg?dl=0

Regards, Luiz
Reply
#6
what happens if you request the file yourself from the browser:

Open the browser locally and type in:

http://127.0.0.1/.well-known/acme-challenge/<file name here>

?
Reply
#7
(11-18-2019, 10:26 PM)Alexandre Machado Wrote: what happens if you request the file yourself from the browser:

Open the browser locally and type in:

http://127.0.0.1/.well-known/acme-challenge/<file name here>

?
The browse returns "Resource not found".
The hyphen in acme-challenge folder is the problem.
This is the cause  I ask if it is a bug.
If I create a folder with     "acmechallenge" (without hyphen) there is no problem and the browser find the file at http://127.0.0.1/.well-known/acmechallenge/<file name here>
Reply
#8
http://127.0.0.1/.well-known/acmechallenge/<file name here>

can only succeed *if you save the file inside wwwroot folder* which you should not. I wonder how it is working if the file is not inside wwwroot folder....
Reply
#9
(11-19-2019, 12:32 AM)Alexandre Machado Wrote: http://127.0.0.1/.well-known/acmechallenge/<file name here>

can only succeed *if you save the file inside wwwroot folder* which you should not. I wonder how it is working if the file is not inside wwwroot folder....
I tested both cases inside and out wwwroot as you said. The problem is the same. The hyphen again is the problem. Outside from wwwroot does not work. Only works inside and without hyphen
Reply
#10
Once again: Forget acme-challenge files inside wwwroot folder. It is not meant to be there. The issue has nothing to do with hyphen in folder name.

.well-known/acme-challenge/ is a *reserved* URL. It won't map directly to the wwwroot folder as I explained several times.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)