Let's Encrypt verification URL and path must be /.well-known/acme-challenge/. Also, don't redirect that to HTTPS.
diff --git a/src/main/java/org/apache/freemarker/onlinetester/dropwizard/FreeMarkerOnlineTester.java b/src/main/java/org/apache/freemarker/onlinetester/dropwizard/FreeMarkerOnlineTester.java
index 563720a..6327348 100644
--- a/src/main/java/org/apache/freemarker/onlinetester/dropwizard/FreeMarkerOnlineTester.java
+++ b/src/main/java/org/apache/freemarker/onlinetester/dropwizard/FreeMarkerOnlineTester.java
@@ -68,14 +68,14 @@
bootstrap.addBundle(new ConfiguredAssetsBundle(
ImmutableMap.of(
"/assets/", "/assets/", // css, js, images...
- "/letsencrypt-verify", "/letsencrypt-verify" // Map to a file outside the jar in the yml!
+ "/override-me/", "/.well-known/acme-challenge/" // Map to a file outside the jar in the yml!
)));
bootstrap.addBundle(new RedirectBundle(
new UriRedirect(
"http://freemarker-online.kenshoo.com([:/].*)$",
"http://try.freemarker.org$1"),
new UriRedirect(
- "http://try.freemarker.apache.org([:/].*)$",
+ "http://try.freemarker.apache.org((:\\d+)?/(?!\\.well-known/acme-challenge/).*)$",
"https://try.freemarker.apache.org$1")
));
}
diff --git a/src/main/resources/freemarker-online.yml b/src/main/resources/freemarker-online.yml
index 1ffb937..4dc96e7 100644
--- a/src/main/resources/freemarker-online.yml
+++ b/src/main/resources/freemarker-online.yml
@@ -34,6 +34,15 @@
server:
requestLog:
appenders: []
+# # FOR PRODUCTION:
+# - type: file
+# currentLogFilename: /opt/fmonlinetester/var/log/access.log
+# threshold: ALL
+# archive: true
+# archivedLogFilenamePattern: /opt/fmonlinetester/var/log/access-%d.log.gz
+# archivedFileCount: 5
+# timeZone: UTC
+# logFormat:
applicationConnectors:
- type: http
port: 8080
@@ -47,7 +56,8 @@
adminConnectors:
# HTTP POST to /tasks/reload-ssl to reload SSL certificates without stopping.
- type: http
- port: 8081
+ port: 8081
+
viewRendererConfiguration:
freemarker: # was `.ftl:` before Dropwizard 1.3.0
incompatibleImprovements: 2.3.28
@@ -55,8 +65,10 @@
timeZone: UTC
outputEncoding: UTF-8
templateExceptionHandler: rethrow
+
assets:
overrides:
# Let's Encrypt certbot writes its domain ownership vertification file here. It will visit
- # it from outside when we ask for a new certificate:
- /letsencrypt-verify: /opt/fmonlinetester/var/letsencrypt-verify
\ No newline at end of file
+ # it from outside when we ask for a new certificate. Note that the left side location must also
+ # be stated in FreeMarkerOnlineTester.java!
+ /.well-known/acme-challenge/: /opt/fmonlinetester/var/letsencrypt-acme-challenge/.well-known/acme-challenge/
\ No newline at end of file