Excluding/including SSL on specific pages Redirect rules SSL certificate

AutoSSL Let’s Encrypt plugin cannot verify domain because of .htaccess 301 redirect

I recently came across an issue where the AutoSSL let’s encrypt plugin can’t verify the domain. Strange though it may seem, this tool needs to access the website over http to renew the SSL certificate.

A solution can be to disable the .htaccess redirect, renew, then enable again, but this is not a very elegant solution of course. A better way is to exclude this particular file from the redirect.

I found the solution for this problem in this thread:
https://forums.cpanel.net/threads/autossl-htaccess-whitelist.562651/

Application in Really Simple SSL

If you have enabled .htaccess redirect, Really Simple SSL will add some lines to your .htaccess, looking something like this:

RewriteCond %{HTTPS} != on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

First, make sure Really Simple SSL does not overwrite the .htaccess anymore, by enabling the option “stop editing the .htaccess file”.

Then add two conditions, so it won’t redirect when AutoSSL tries to access the verification file. The end result looks like this:

RewriteCond %{HTTPS} != on 
RewriteCond %{REQUEST_URI} !^/\d+\.BIN_AUTOSSL_CHECK_PL__\.\w+\.tmp$ [NC] 
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/ [NC] 
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Your actual .htaccess redirect may be different, depending on your server configuration.

Related Articles

Leave a Comment