```apache
<VirtualHost *:80>
ServerName shaarli.mydomain.org
- # Redirect HTTP to HTTPS
- Redirect permanent / https://shaarli.mydomain.org
+ DocumentRoot /var/www/shaarli.mydomain.org/
+
+ # Redirect HTTP requests to HTTPS, except Let's Encrypt ACME challenge requests
+ RewriteEngine on
+ RewriteRule ^.well-known/acme-challenge/ - [L]
+ RewriteCond %{HTTP_HOST} =shaarli.mydomain.org
+ RewriteRule ^ https://shaarli.mydomain.org%{REQUEST_URI} [END,NE,R=permanent]
+ # If you are using mod_md, use this instead
+ #MDCertificateAgreement accepted
+ #MDContactEmail admin@shaarli.mydomain.org
+ #MDPrivateKeys RSA 4096
</VirtualHost>
<VirtualHost *:443>
SSLCertificateFile /path/to/certificate
SSLCertificateKeyFile /path/to/private/key
- LogLevel warn
- ErrorLog /var/log/apache2/error.log
- CustomLog /var/log/apache2/access.log combined
-
# let the proxied shaarli server/container know HTTPS URLs should be served
RequestHeader set X-Forwarded-Proto "https"