{"id":3690,"date":"2022-10-02T17:31:39","date_gmt":"2022-10-02T23:31:39","guid":{"rendered":"https:\/\/bililite.com\/blog\/?p=3690"},"modified":"2022-10-02T17:31:39","modified_gmt":"2022-10-02T23:31:39","slug":"https","status":"publish","type":"post","link":"https:\/\/bililite.com\/blog\/2022\/10\/02\/https\/","title":{"rendered":"HTTPS!"},"content":{"rendered":"<p>I've finally joined the 21st century, and gone to serving the site on https. On NearlyFreeSpeech, it should be easy: just run <code>tls-setup.sh<\/code> from an SSH terminal. That sets everything up to use <a href=\"https:\/\/letsencrypt.org\/\">Let's Encrypt<\/a>, but that was failing because I use the Apache httpd RewriteEngine to host kavanot.name, with that domain redirecting to a subdirectory in the bililite.com directory tree. But Let's Encrypt wants to have access to the .well-known directory in the main directory. So https:\/\/kavanot.name was failing, and messing everything up.<\/p>\n<p>The answer was at <a href=\"https:\/\/members.nearlyfreespeech.net\/forums\/viewtopic.php?t=11218\">https:\/\/members.nearlyfreespeech.net\/forums\/viewtopic.php?t=11218<\/a> (which unfortunately is only visible to NFS members): make sure Apache didn't rewrite the .well-known directory:<\/p>\n<pre><code>\r\nRewriteCond %{REQUEST_URI} !\\.well-known\r\nRewriteCond %{HTTP_HOST} ^kavanot\r\nRewriteRule \/\/ etc.\r\n<\/code><\/pre>\n<p>(meaning if the URI does <em>not<\/em> contain \".well-known\" and the domain starts with kavanot, then do the rewrite.<\/p>\n<p>And now running <code>tls-setup.sh<\/code> works!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I've finally joined the 21st century, and gone to serving the site on https. On NearlyFreeSpeech, it should be easy: just run tls-setup.sh from an SSH terminal. That sets everything up to use Let's Encrypt, but that was failing because I use the Apache httpd RewriteEngine to host kavanot.name, with that domain redirecting to a [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/posts\/3690"}],"collection":[{"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/comments?post=3690"}],"version-history":[{"count":2,"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/posts\/3690\/revisions"}],"predecessor-version":[{"id":3692,"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/posts\/3690\/revisions\/3692"}],"wp:attachment":[{"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/media?parent=3690"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/categories?post=3690"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/tags?post=3690"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}