Install Let’s Encrypt Certificate within a PHP Application with a public folder

I had a PHP App where only the folder “public” is accessible from the web. All requests made to the root folder were redirected to this folder. This could be any Laravel, Phalcon or Symfony Web App.

When I tried to install a Let’s Encrypt Certificate I got an Error telling me “The client lacks sufficient authorization”. After some research I noticed, the .well-know folder was created in the app root while the test request was redirected to the public folder. This can’t work!

Now I found two ways to fix this:

Tell correct Webroot folder

Add the webroot parameter (–webroot-path) to the letsencrypt command. For Example:

/root/.local/share/letsencrypt/bin/letsencrypt certonly -a webroot -d mydomain.com --webroot-path /home/yourwebapp/public_html/public

Allow folder by prevent from rewrite

You can allow access to all paths under .well-know by preventing the path from rewriting. On Apache I added this Line to .htaccess:

RewriteRule ^\.well-known\/acme-challenge\/ - [L]

On Nginx adding the following to the server directive should do the same:

location /.well-known/acme-challenge/ {
    try_files $uri /dev/null =404;
}

Due to I’m using Virtualmin‘s Let’s Encrypt functionalities and can’t set the webroot-path Parameter, the second Way worked for me.