win-acme: Authorization Result: invalid

I’m unable to get an authorization. I checked file C:\inetpub\wwwroot.well-known/acme-challenge/71xO9oqLyv2rmopvZQceLBXURtg8m7PKe1iCpcyVvOU is present and http://wsus.ivsweb.com/.well-known/acme-chall enge/71xO9oqLyv2rmopvZQceLBXURtg8m7PKe1iCpcyVvOU is reachable

I also execute the 3 steps detailled bellow to get StaticFile above ExtensionlessUrlHandler.

Thank you for your help

Let's Encrypt (Simple Windows ACME Client)
Renewal Period: 60
Certificate Store: WebHosting

ACME Server: https://acme-v01.api.letsencrypt.org/
Config Folder: C:\Users\aellert\AppData\Roaming\letsencrypt-win-simple\httpsacme
-v01.api.letsencrypt.org
Certificate Folder: C:\Users\aellert\AppData\Roaming\letsencrypt-win-simple\http
sacme-v01.api.letsencrypt.org
Loading Signer from C:\Users\aellert\AppData\Roaming\letsencrypt-win-simple\http
sacme-v01.api.letsencrypt.org\Signer

Getting AcmeServerDirectory
Loading Registration from C:\Users\aellert\AppData\Roaming\letsencrypt-win-simpl
e\httpsacme-v01.api.letsencrypt.org\Registration

Scanning IIS Site Bindings for Hosts
 1: IIS wsus.ivsweb.com (%SystemDrive%\inetpub\wwwroot)

 W: Generate a certificate via WebDav and install it manually.
 F: Generate a certificate via FTP/ FTPS and install it manually.
 M: Generate a certificate manually.
 A: Get certificates for all hosts
 Q: Quit
Which host do you want to get a certificate for: 1

Authorizing Identifier wsus.ivsweb.com Using Challenge Type http-01
 Writing challenge answer to C:\inetpub\wwwroot\.well-known/acme-challenge/71xO9
oqLyv2rmopvZQceLBXURtg8m7PKe1iCpcyVvOU
 Writing web.config to add extensionless mime type to C:\inetpub\wwwroot\.well-k
nown\acme-challenge\web.config
 Answer should now be browsable at http://wsus.ivsweb.com/.well-known/acme-chall
enge/71xO9oqLyv2rmopvZQceLBXURtg8m7PKe1iCpcyVvOU
 Submitting answer
 Refreshing authorization
 Authorization Result: invalid

******************************************************************************
The ACME server was probably unable to reach http://wsus.ivsweb.com/.well-known/
acme-challenge/71xO9oqLyv2rmopvZQceLBXURtg8m7PKe1iCpcyVvOU

Check in a browser to see if the answer file is being served correctly.


This could be caused by IIS not being setup to handle extensionless static
files. Here's how to fix that:
1. In IIS manager goto Site/Server->Handler Mappings->View Ordered List
2. Move the StaticFile mapping above the ExtensionlessUrlHandler mappings.
(like this http://i.stack.imgur.com/nkvrL.png)
3. If you need to make changes to your web.config file, update the one
at C:\letsencrypt-win-simple\web_config.xml

******************************************************************************
Press enter to continue.

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Comments: 16 (3 by maintainers)

Most upvoted comments

facing this issue, please suggest a resolution: is it required that the site should be accessible over internet to proceed with below step without error?

image

+2
pra1ham on May 30, 2017
Read more comments on GitHub
← deb-get: Can't update/upgrade - /var/cache/deb-get/deb-get.json empty
win-acme: Cryptographic Exception when trying to renew certificate →