Untitled

On server, added files acmetest.html and a favicon so no 404 appears in the log.
Clear Firefox history.

Firefox:
https://www.lazygranch.site/acmetest.html
response: This is a test html file.
access.log:
myip - - [14/Jun/2017:02:21:22 +0000] "GET /acmetest.html HTTP/2.0" 200 206 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
note: Expected a get for the favicon. Also favicon not seen in firefox. Response code of 200.

Firefox:
http://www.lazygranch.site/acmetest.html
Action: Firefox switches to https://www.lazygranch.site/acmetest.html
access.log:
myip - - [14/Jun/2017:02:23:45 +0000] "GET /acmetest.html HTTP/1.1" 301 185 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
myip - - [14/Jun/2017:02:23:46 +0000] "GET /acmetest.html HTTP/2.0" 304 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
note: First the 301 redirect permanently, then a 304 (not modified so pull from cache)

service nginx restart and clear history should for a fresh load rather than pull from cache.
Firefox:
http://www.lazygranch.site/acmetest.html
Action: Firefox switches to https://www.lazygranch.site/acmetest.html
myip - - [14/Jun/2017:02:32:59 +0000] "GET /acmetest.html HTTP/1.1" 301 185 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
myip - - [14/Jun/2017:02:32:59 +0000] "GET /acmetest.html HTTP/2.0" 200 206 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
Note: like above

Firefox:
http://www.lazygranch.site/.well-known/acme-challenge/test.txt
Response: greetings
access.log:
myip - - [14/Jun/2017:02:36:29 +0000] "GET /.well-known/acme-challenge/test.txt HTTP/1.1" 200 11 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
myip - - [14/Jun/2017:02:36:30 +0000] "GET /favicon.ico HTTP/1.1" 301 185 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
myip - - [14/Jun/2017:02:36:30 +0000] "GET /favicon.ico HTTP/2.0" 200 2686 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
note: Weird. The favicon now appears.

Firefox:
https://www.lazygranch.site/.well-known/acme-challenge/test.txt
Response:
Browser is not secure. Displays "greetings"
access.log:
myip - - [14/Jun/2017:02:41:51 +0000] "GET /.well-known/acme-challenge/test.txt HTTP/2.0" 307 187 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0note: Browser started out https, got the 307 redirect, but no secondary operation to retrieve the text via http.

Clear history,cache and restart nginx.
Firefox:
https://www.lazygranch.site/.well-known/acme-challenge/test.txt
Response:
"greetings" and not secure.
access.log:
myip - - [14/Jun/2017:02:49:31 +0000] "GET /.well-known/acme-challenge/test.txt HTTP/2.0" 307 187 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
myip - - [14/Jun/2017:02:49:31 +0000] "GET /.well-known/acme-challenge/test.txt HTTP/1.1" 200 11 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
myip - - [14/Jun/2017:02:49:31 +0000] "GET /favicon.ico HTTP/1.1" 301 185 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
myip - - [14/Jun/2017:02:49:31 +0000] "GET /favicon.ico HTTP/2.0" 200 2686 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
note:
Response 307 under https goes to http with response 200 (fresh download)

add expires -1; to nginx.conf. Don't clear Firefox history or cache.
Firefox:
https://www.lazygranch.site/.well-known/acme-challenge/test.txt
response is "greetings!"
access.log:
myip - - [14/Jun/2017:03:03:31 +0000] "GET /.well-known/acme-challenge/test.txt HTTP/2.0" 307 187 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
note: still not a fresh download