Fixing Let’s Encrypt with custom Nginx rules on Plesk

When having expressions like this:

location ~ ^/(?:\.|include) {
    deny all;
}

All requests which start with a dot (.) or include get denied. As such the required .well-known folder used for the acme challenge by Let’s Encrypt gets denied too and Plesk is unable to renew certificates.

To solve it, it is possible to add (?!well-known) to every regex which is in conflict. However, it is easier to simply define a new location block on the very top of the configuration:

location ^~ /.well-known/acme-challenge/ {
    default_type “text/plain”;
}

 

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.