Really Simple SSL

AutoSSL Let’s Encrypt plugin cannot verify domain because of .htaccess 301 redirect

I recently came across an issue where the AutoSSL let’s encrypt plugin can’t verify the domain. Strange though it may seem, this tool needs to access the website over http to renew the SSL certificate.

A solution can be to disable the .htaccess redirect, renew, then enable again, but this is not a very elegant solution of course. A better way is to exclude this particular file from the redirect.

I found the solution for this problem in this thread:

Application in Really Simple SSL

If you have enabled .htaccess redirect, Really Simple SSL will add some lines to your .htaccess, looking something like this:

RewriteCond %{HTTPS} != on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

First, make sure Really Simple SSL does not overwrite the .htaccess anymore, by enabling the option “stop editing the .htaccess file”.

Then add two conditions, so it won’t redirect when AutoSSL tries to access the verification file. The end result looks like this:

RewriteCond %{HTTPS} != on 
RewriteCond %{REQUEST_URI} !^/\d+\.BIN_AUTOSSL_CHECK_PL__\.\w+\.tmp$ [NC] 
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/ [NC] 
RewriteRule (.*) https://%{HTTP_HOST}%/$1

Your actual .htaccess redirect may be different, depending on your server configuration.



Related articles

4 Responses

  1. We just installed the plugin on 40-50 sites and suddenly getting slammed with notices that the LE certificate can’t renew, presumably due to this issue. We’ll have to go through them all now and make this change and remember to do that every time we get a new site and would have to go through them all again should something change.

    Would it be possible instead to build this into the plugin? An option perhaps when you select to do the htaccess redirect to include the additional lines or not? Seems that would make things much easier to manage.


Leave a Reply

Join our mailing list - 8 Tips & Tricks in your inbox over the next 8 weeks!

Integrate with Really Simple SSL

Really Simple SSL offers a Free SSL Certificate from Let’s Encrypt. Do you want to integrate with Really Simple SSL as a hosting provider? Let us know!

Choose the answer that most closely resembles your proposed integration. Additional information can be entered below.
After sending the form. The pop-up will close automatically.