That constant can be used to change the location for all certificates and keys to any location you like. For example you could set it to /etc/letsencrypt/live or /srv/my-certificates – you need to specify the full path.
By default, the location will be a letsencrypt/live directory, one level above your site’s root directory.
Thread Starter
John
(@dpinc)
Ok, Thanks
The folder & subfolder permission outside public html should be 700 or 750 to work fine in generate cert?
750 should work fine. It also depends on whether you want to be able to automatically refresh certificates or whether it’s fine for you to do it yourself (what you can do here depends on whether you need to enter filesystem credentials in WordPress or not).
If you want to give WordPress full access, it’s best to have that directory be owned by the same user (which was www-data in my case).
Thread Starter
John
(@dpinc)
Challenge self check failed for domain – litespeed?
Thread Starter
John
(@dpinc)
.well-known/acme-challenge
empty inside – any ideas?
Did you chown the directories to the same user as PHP on your server (in most cases that user is called www-data)?
Thread Starter
John
(@dpinc)
yes 750
www-data – where is this folder/data located usually?
local and online tested not seen www-data folder….
Thread Starter
John
(@dpinc)
Perhaps wait for bugfixed system upgrade and will try again
www-data is not a folder, it is (usually) the name of the PHP user. When listing your directories via ls -la, which user do you see in the list for that directory?
Thread Starter
John
(@dpinc)
if using csr – content security policy what domain need to be whitelisted if generate cert to avoid problem in challenge
You need to make sure that yourdomain.com/.well-known and everything inside it is accessible. Btw that has been the problem with many setups since they often disallow access to hidden directories by default (which makes sense, but you need to add an exception here).
