External Apache2, Lets-Encrypt and 404 on /.well-known/

I successfully set up everything with the recommended way of the external apache2 and SSL. My only problem: I cannot renew my cert because GitLab will return a 404.
What I tried in my vhost file:
RewriteCond %{REQUEST_URI} !^./.well-known/.$ [NC]
before the RewriteRule line in the http and the https part, but still no luck.

Can anybody help me?

My apache rewrite howto is a bit rusty, but the final part of your condition seems a bit too strict. It ends with a dot; in this case it doesn’t matter whether that is a literal dot (".") or is used as a regex (which would be any symbol). And after that you have the end of the uri. Also, not sure whether the dot after the “^” is helping. I would try:
!^/.well-known/.*$ as the file in .well-known has some other path elements and hopefully matches the actual path that the file is in.


Added this line before the RewriteRule
RewriteCond %{REQUEST_URI} !^/.well-known/.*$ [NC]

and disabled HSTS. Now it is working.
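
As an added example, not part of the original posts: a small Python check of how the two RewriteCond patterns from this thread decide which request paths still reach the RewriteRule and are handed to GitLab. It assumes Python's re module behaves like Apache's regex engine for these simple patterns; the sample paths and the ESCAPED variant are constructed for illustration.

```python
import re

# Patterns exactly as posted in the thread, without the leading "!" negation.
ORIGINAL = r"^./.well-known/.$"
CORRECTED = r"^/.well-known/.*$"
# Assumption (not from the thread): a variant with the dot escaped.
ESCAPED = r"^/\.well-known/"

# Constructed sample request paths.
SAMPLE_URIS = [
    "/.well-known/acme-challenge/constructed-token",
    "/.Well-Known/acme-challenge/constructed-token",
    "/group/project",
    "/xwell-known/page",
]


def is_rewritten(pattern, uri):
    """Model `RewriteCond %{REQUEST_URI} !pattern [NC]`.

    The condition holds when the pattern does NOT match, so the following
    RewriteRule applies and the request is passed on to GitLab.
    """
    return re.search(pattern, uri, re.IGNORECASE) is None


def decisions(pattern):
    """Map each sample path to True (rewritten to GitLab) or False (exempt)."""
    return {uri: is_rewritten(pattern, uri) for uri in SAMPLE_URIS}


if __name__ == "__main__":
    for name, pattern in [("original", ORIGINAL),
                          ("corrected", CORRECTED),
                          ("escaped", ESCAPED)]:
        print(name, pattern)
        for uri, rewritten in decisions(pattern).items():
            target = "GitLab (RewriteRule applies)" if rewritten else "served by Apache"
            print(f"  {uri:50} -> {target}")
```

The original pattern requires exactly one character before "/.well-known/" and one after it, so the challenge path never matches and is always rewritten. The corrected pattern exempts it, but its unescaped dot also exempts paths such as /xwell-known/page.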