AutoSSL Let’s Encrypt plugin cannot verify domain because of .htaccess 301 redirect

I recently came across an issue where the AutoSSL let’s encrypt plugin can’t verify the domain. Strange though it may seem, this tool needs to access the website over http to renew the SSL certificate.

A solution can be to disable the .htaccess redirect, renew, then enable again, but this is not a very elegant solution of course.

A better solution is to uninstall the AutoSSL plugin and let Really Simple SSL handle the Lets Encrypt certificate proces.

 

If you want to keep using AutoSSL, another way is to exclude this particular file from the redirect. I found the solution for this problem in this thread:
https://forums.cpanel.net/threads/autossl-htaccess-whitelist.562651/

Application in Really Simple SSL

If you have enabled .htaccess redirect, Really Simple SSL will add some lines to your .htaccess, looking something like this:

RewriteCond %{HTTPS} != on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

First, make sure Really Simple SSL does not overwrite the .htaccess anymore, by enabling the option “stop editing the .htaccess file”.

Then add two conditions, so it won’t redirect when AutoSSL tries to access the verification file. The end result looks like this:

RewriteCond %{HTTPS} != on 
RewriteCond %{REQUEST_URI} !^/\d+\.BIN_AUTOSSL_CHECK_PL__\.\w+\.tmp$ [NC] 
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/ [NC] 
RewriteRule (.*) https://%{HTTP_HOST}%/$1

Your actual .htaccess redirect may be different, depending on your server configuration.

Simple and Performant Security.
Easily improve site security with WordPress Hardening, Two-Factor Authentication (2FA), Login Protection, Vulnerability Detection and SSL certificate generation.