Hi,
I often install an sme servers as front end and some other server are installed in the lan (owncloud, syncthing, backuppc ...)
I want to have dedicated sub domains for each services and a dedicated ssl cert for each subdomains.
for example the owncloud server is running on 192.168.90.95. I configure a subdomain 'docs' and ask the sme server to ProxyPass requests for docs.exemple.be to
http://192.168.90.95/db domains setprop docs.exemple.be letsencryptSSLcert enabled ProxyPassTarget http://192.168.90.95/ TemplatePath ProxyPassVirtualHosts Description "owncloud reverse proxy"
Unfortunately, when requesting the ssl with
dehydrated -c -x
the request for /.well-known/acme-challenge/XXXX is sent to the owncloud server.
What need to be done, is to explain to the sme to not proxy the requests for /.well-known/acme-challenge/ to the lan server.
To solve that, I've made two templates fragments:
/etc/e-smith/templates/etc/httpd/conf/httpd.conf/ProxyPassVirtualHosts/04well-known-challenge
#Alias for letsencrypt
Alias /.well-known/acme-challenge/ /home/e-smith/files/ibays/Primary/html/.well-known/acme-challenge/
#
/etc/e-smith/templates/etc/httpd/conf/httpd.conf/ProxyPassVirtualHosts/27Well-known-challenge
# Alias exception for letsencrypt
ProxyPassMatch ^/.well-known/acme-challenge/ !
#[/codecode]
Now it works.