Getting 5 ACME validation requests, where the first one returns HTTP 200 but others return HTTP 404 #37

@kura

Bug Overview

When trying to configure nginx-acme with a really simple test server, the ACME validator requests the .well-known path and the initial request returns HTTP 200, but the follow-up requests made by the ACME validator return HTTP 404. I would expect all of them to return HTTP 200.

Expected Behavior

When I configure nginx-acme I expect all validator requests to return HTTP 200 and for the cert to be provisioned.

Steps to Reproduce the Bug

nginx config

user www-data;
worker_processes auto;
pid /run/nginx.pid;

load_module "modules/ngx_http_acme_module.so";

events {
    worker_connections 1024;
    multi_accept on;
}

http {

    resolver 1.1.1.1:53;

    acme_issuer le {
        uri https://acme-v02.api.letsencrypt.org/directory;
        accept_terms_of_service;
    }

    acme_shared_zone zone=ngx_acme_shared:1M;

    server {
        listen 443 ssl;
        server_name git.kura.gg;

        acme_certificate le;

        ssl_certificate $acme_certificate;
        ssl_certificate_key $acme_certificate_key;

        error_log /var/log/nginx/error.log debug;
    }

    server {
        listen 80;
        error_log /var/log/nginx/error.log debug;

        location / {
            return 404;
        }
    }
}

Restarting nginx-debug results in 5 requests from the ACME validator, where 4 of the 5 return HTTP 404.

23.178.112.106 - - [21/Aug/2025:16:23:47 +0000] "GET /.well-known/acme-challenge/hNkP9HmQpovgxIw3s-yLfOkIwtxrPZgmIowmWQyqSZQ HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
13.61.11.68 - - [21/Aug/2025:16:23:57 +0000] "GET /.well-known/acme-challenge/hNkP9HmQpovgxIw3s-yLfOkIwtxrPZgmIowmWQyqSZQ HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
3.135.188.71 - - [21/Aug/2025:16:23:57 +0000] "GET /.well-known/acme-challenge/hNkP9HmQpovgxIw3s-yLfOkIwtxrPZgmIowmWQyqSZQ HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
34.219.222.29 - - [21/Aug/2025:16:23:57 +0000] "GET /.well-known/acme-challenge/hNkP9HmQpovgxIw3s-yLfOkIwtxrPZgmIowmWQyqSZQ HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
13.215.174.243 - - [21/Aug/2025:16:23:58 +0000] "GET /.well-known/acme-challenge/hNkP9HmQpovgxIw3s-yLfOkIwtxrPZgmIowmWQyqSZQ HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"

Environment Details

  • Target deployment platform: VPS
  • Target OS: Ubuntu 24.04
  • Version of this project or specific commit: 1.29.1+0.1.1-1 (from nginx mainline Ubuntu repo)
  • Version of any relevant project languages: None

Additional Context

No response
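
A triage script for access logs like the one in this report, added here as an example (it is not part of the issue or of the nginx-acme project): it groups HTTP-01 challenge requests by token and flags tokens for which different validator requests received different status codes. It assumes nginx's default combined log format; the sample lines, IP addresses and tokens are constructed.

```python
import re
from collections import defaultdict

# Combined log format: ip - user [time] "METHOD path PROTO" status bytes ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
PREFIX = "/.well-known/acme-challenge/"

# Constructed sample mirroring the pattern in the report (documentation IPs,
# made-up tokens); replace with lines read from the real access log.
SAMPLE = """\
192.0.2.10 - - [21/Aug/2025:16:23:47 +0000] "GET /.well-known/acme-challenge/TOKEN-A HTTP/1.1" 200 87 "-" "validator"
198.51.100.7 - - [21/Aug/2025:16:23:57 +0000] "GET /.well-known/acme-challenge/TOKEN-A HTTP/1.1" 404 153 "-" "validator"
203.0.113.5 - - [21/Aug/2025:16:23:57 +0000] "GET /.well-known/acme-challenge/TOKEN-A HTTP/1.1" 404 153 "-" "validator"
192.0.2.10 - - [21/Aug/2025:16:30:00 +0000] "GET /.well-known/acme-challenge/TOKEN-B HTTP/1.1" 200 87 "-" "validator"
198.51.100.7 - - [21/Aug/2025:16:30:09 +0000] "GET /index.html HTTP/1.1" 200 10 "-" "curl"
"""


def challenge_hits(lines):
    """Return {token: [(timestamp, ip, status), ...]} for challenge requests."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not m["path"].startswith(PREFIX):
            continue  # not a challenge request, or not combined log format
        token = m["path"][len(PREFIX):].split("?", 1)[0]
        hits[token].append((m["ts"], m["ip"], int(m["status"])))
    return dict(hits)


def inconsistent_tokens(hits):
    """Tokens for which the requests saw more than one distinct status code."""
    result = {}
    for token, reqs in hits.items():
        statuses = sorted({status for _, _, status in reqs})
        if len(statuses) > 1:
            result[token] = statuses
    return result


if __name__ == "__main__":
    hits = challenge_hits(SAMPLE.splitlines())
    for token, statuses in inconsistent_tokens(hits).items():
        print(f"{token}: mixed statuses {statuses}")
        for ts, ip, status in hits[token]:
            print(f"  {ts}  {ip:<15}  {status}")
```
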
