Supporting Let’s Encrypt ACME challenges in ASP.NET Core MVC applications

Today, using SSL/TLS certificates is pretty much requirement for any publicly accessible web application. Sometimes, even company-internal applications use certificates. A modern approach to create certificates is to use Let's Encrypt, and not only because they are free.

If you use ASP.NET Core (MVC or otherwise) to write your application that needs to support the HTTP challenges, you know about the .well-known special folder. If you publish your ASP.NET application from Visual Studio, you cannot by default simply add the static challenge files to the wwwroot folder, as they are not served. Thus, Let's Encrypt sees just the HTTP 404 Not Found error.

To solve the problem, you need to add a little static route for extensionless files. For instance, something like this:

// serve Let's Encrypt ACME challenge files (no file extension, so allow unknown file types)
if (!Debugger.IsAttached)
{
  app.UseStaticFiles(new StaticFileOptions
  {
    FileProvider = new PhysicalFileProvider(Path.Combine
      (builder.Environment.WebRootPath, ".well-known", "acme-challenge")),
    RequestPath = "/.well-known/acme-challenge",
    ServeUnknownFileTypes = true, // IMPORTANT: needed for extensionless files
    DefaultContentType = "text/plain"
  });
}

Add this code before "app.UseRouting()" and it should work fine. I'm excluding debugging environments, because you usually don't want to use external certificates. Instead, the ASP.NET development certificate is usually just fine.