Archive for October 2nd, 2022

I've finally joined the 21st century, and gone to serving the site on https. On NearlyFreeSpeech, it should be easy: just run from an SSH terminal. That sets everything up to use Let's Encrypt, but that was failing because I use the Apache httpd RewriteEngine to host, with that domain redirecting to a subdirectory in the directory tree. But Let's Encrypt wants to have access to the .well-known directory in the main directory. So was failing, and messing everything up.

The answer was at (which unfortunately is only visible to NFS members): make sure Apache didn't rewrite the .well-known directory:

RewriteCond %{REQUEST_URI} !\.well-known
RewriteCond %{HTTP_HOST} ^kavanot
RewriteRule // etc.

(meaning if the URI does not contain ".well-known" and the domain starts with kavanot, then do the rewrite.

And now running works!