Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Platform intercepts requests to .well-known/acme-challenge/ #9329

Open
kirrrk opened this issue Nov 25, 2024 · 1 comment
Open

Platform intercepts requests to .well-known/acme-challenge/ #9329

kirrrk opened this issue Nov 25, 2024 · 1 comment
Assignees
@rachelwhitton
Labels
Process: Needs SME Issue or PR that won't move forward without subject-matter expert contribution

Comments

@kirrrk
Copy link

kirrrk commented Nov 25, 2024

Re: https://docs.pantheon.io/guides/global-cdn/https
Priority: Low

Issue Description

  • The platform intercepts requests to .well-known/acme-challenge/ in order to serve the HTTP-01 challenge responses for Let's Encrypt, but this is not publicly documented anywhere.
  • Customers sometimes need to verify their ownership of domains for third-party services and attempt to upload challenge files to .well-known/acme-challenge on their site.
  • This has created confusing on the part of both customers and CSEs who end up troubleshooting when customers open tickets about being unable to update these files, sometimes mistakenly thinking this a problem with the CDN cache.

Could we add a note to our documentation to make it clear that these requests are intercepted and customers may need to use alternative methods of domain verification for third party services?
@stevector stevector added the Process: Needs SME Issue or PR that won't move forward without subject-matter expert contribution label Dec 2, 2024
@rachelwhitton
Copy link
Member

rachelwhitton commented Dec 5, 2024
edited
Loading

@kirrrk re: this bit in here

and customers may need to use alternative methods of domain verification for third party services

What sort of alternative methods do you recommend? Like another verification method entirely? Or workarounds so that the file method is possible?

@rachelwhitton rachelwhitton self-assigned this Dec 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rachelwhitton rachelwhitton

Labels
Process: Needs SME Issue or PR that won't move forward without subject-matter expert contribution
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@stevector @rachelwhitton @kirrrk