Redirect from /.well-known/ to /well-known/ not working

I want to create an SSL certificate and thus I must provide a file on my webserver.
<someUrl>.com/.well-known/acme-challenge/<someHashHere>

Since Netlify doesn’t serve folders beginning with a dot, I made a redirect. In my dist folder I’ve got the folder “well-known” (without a dot). It’s accessible without a dot, but redirects don’t work with a dot.

This is my Netlify.toml:

# Redirect from /.well-known to /well-known
[[redirects]]
  from = "/.well-known/*"
  to = "/well-known/:splat"
  status = 200
  force = true

I also tried it via the “_redirects” file, but same outcome.

For Netlify Admins to debug:
buildId: 656f39a961b018000854727e
deployId: 656f39a961b0180008547280

Any idea what I’m doing wrong here? I tried many things and can’t make it work.

Based on our logs, the redirect is working correctly. What issue are you having exactly?

Okay, that’s strange, but it doesn’t seem to work on my end.

So I want to create a certificate with certbot. Now Certbot wants to visit the website under:

https://youWillKnowTheUrl.ch/.well-known/acme-challenge/youWillKnowTheHashHere

But it results in a 404 if I type the URL in the Browser or make a curl in the Terminal. Without the dot I can access the file.

Aha, I was testing only for /.well-known/ as I didn’t know the full URL. But now I tried to find the full URL and ran a test against it and saw this in the logs:

detected ACME challenge path, not following redirect rule

So it looks like for that specific path, the CDN is returning a 404 by ignoring the redirects. This is interesting, as I’m not sure if folks use this way to get an SSL or not; these redirects are usually used for other verifications like Apple and Google developers, for example.

Not sure if this is supported, I can ask the devs about this, but is there a particular reason why you don’t want the SSL that Netlify provides?

Upon confirming with the devs, it looks like there’s currently no way to handle serving a custom file at that path. You might want to use Netlify’s SSL OR switch to a different provider that doesn’t need to access this path.

Hi, thanks for looking into this. Thing is, I’m developing locally and need a valid, trusted SSL certificate with that particular payment gateway to test things. For the live website I already use Netlify SSL. Will look into other solutions for this task, maybe there are workarounds.
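
The situation diagnosed in this thread (the rewrite applies to /.well-known/ in general, but the ACME challenge path still returns 404) can be told apart from a broken rule or a missing file with three requests. The script below is an added example, not part of the thread and not Netlify tooling; the control file name, the function names and the diagnosis labels are assumptions, and the control file must be deployed under well-known/ alongside the challenge file.

```shell
#!/bin/sh
# Added diagnostic sketch (not from the thread). The base URL, token and
# control file name are supplied by the caller; nothing here is Netlify's API.

# status URL -> HTTP status code of a GET, without following redirects
status() {
    curl -s -o /dev/null -w '%{http_code}' --max-time 10 "$1"
}

# classify CONTROL DOTTED PLAIN -> one-line diagnosis from three status codes
#   CONTROL: /.well-known/<control file>          (goes through the rewrite rule)
#   DOTTED:  /.well-known/acme-challenge/<token>  (the URL the CA requests)
#   PLAIN:   /well-known/acme-challenge/<token>   (rewrite target, no dot)
classify() {
    control=$1
    dotted=$2
    plain=$3
    if [ "$plain" != 200 ]; then
        echo "target-missing: challenge file is not deployed under /well-known/"
    elif [ "$dotted" = 200 ]; then
        echo "ok: challenge path is served"
    elif [ "$control" = 200 ]; then
        echo "acme-path-reserved: rule works for /.well-known/* but not for acme-challenge"
    else
        echo "rule-not-applied: the /.well-known/* rewrite is not taking effect"
    fi
}

# probe BASE_URL TOKEN CONTROL_FILE -> runs the three requests and classifies
probe() {
    base=${1%/}
    token=$2
    control_file=$3
    classify \
        "$(status "$base/.well-known/$control_file")" \
        "$(status "$base/.well-known/acme-challenge/$token")" \
        "$(status "$base/well-known/acme-challenge/$token")"
}

# Usage (placeholders): probe https://example.invalid <token> probe.txt
```

A result of `acme-path-reserved` matches the log line quoted above, in which case changing the redirect rule will not help and HTTP-01 validation has to happen on a host that serves that path itself.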