Httpauth and SSL certificate renewal

I have a site with httpauth activated. SSL certificate renewal is not working and an error message shows up:
Error: Let's Encrypt validation status 400 ( Details: Unable to update challenge :: authorization must be pending

What’s the best way to solve this?

Check the lets encrypt log, probaly your httpauth also restricts the LE validation process, so you would probaly need to exclude that path → SSL Certificates and Let's Encrypt — Hestia Control Panel documentation

1 Like

Trying lo lookup for LE logs, but there’s nothing like LE-{user}-{domain}.{time}.log in /var/log/hestia…

I’m using HestiaCP 1.6

LE-{user}-{domain}.log should work fine

There isn’t any log file starting with LE* in /var/log/hestia (…)

How do you do that?

No idea how you implemented htaccess, probaly gibe it a try there.

Sorry, didn’t mention it… I’m using Nginx and I implemented SSL certificates through HestiaCP feature.
Usually, using certbot I add a directive in Nginx virtual host file like this:

location ~ /\.(?!well-known\/) {
       auth_basic off;
       allow all;

looks good, place that into your template and it should work.

Ok, but looking into the “wordpress” default template I’m using there’s already a default directive that says:

location ~ /\.(?!well-known\/) {
        deny all;
        return 404;

What is it used for?

It denies access for all hidden folders

It denies access to all hidden folders, except LE well-known folder?

Yes …