LetsEncrypt certificate renewal behind proxy

When deploying a .NET Core website on your domain, you likely utilize a reverse proxy to route traffic from ports 443 and 80 to your Kestrel web server. The configuration for this in Apache is as follows.

The line ProxyPass /.well-known/acme-challenge ! is included to ensure that Let’s Encrypt can successfully renew the certificate.

The other ProxyPass lines are for blazor to connect to the server.

ProxyRequests On
ProxyPreserveHost On
ProxyPass /.well-known/acme-challenge !
ProxyPassMatch ^/_blazor/(.*)$1
ProxyPass /_blazor ws://localhost:5003/_blazor
ProxyPass /
ProxyPassReverse /


Leave a Reply

Your email address will not be published. Required fields are marked *