win-acme: Failed to listen on prefix 'http://+:80/.well-known/acme-challenge/'

Hi there

I’m hitting an error I’ve never seen before, randomly this morning, and can’t figure out why. Nothing has changed as far as I’m aware, and I have set up many sites using WACS. I’m getting this:

[INFO] Target generated using plugin IIS: k1-sport.com
[INFO] Authorize identifier: k1-sport.com
[INFO] Authorizing k1-sport.com using http-01 validation (SelfHosting)
[EROR] Unable to activate HttpListener, this may be because of insufficient rights or a non-Microsoft webserver using port 80
[EROR] Error preparing for challenge answer
System.Net.HttpListenerException (183): Failed to listen on prefix 'http://+:80/.well-known/acme-challenge/' because it conflicts with an existing registration on the machine.
   at System.Net.HttpListener.AddPrefixCore(String registeredPrefix)
   at System.Net.HttpListener.AddAllPrefixes()
   at System.Net.HttpListener.Start()
   at PKISharp.WACS.Plugins.ValidationPlugins.Http.SelfHosting.PrepareChallenge()
   at PKISharp.WACS.Plugins.ValidationPlugins.Validation`1.PrepareChallenge(IChallengeValidationDetails challenge)
   at PKISharp.WACS.RenewalExecutor.Authorize(ILifetimeScope execute, RunLevel runLevel, ValidationPluginOptions options, TargetPart targetPart, Authorization authorization)
[EROR] Create certificate failed: Authorization failed

We’re using IIS. I’ve done a netstat and can’t see anything else on port 80.

Any ideas?

Dave

About this issue

  • State: closed
  • Created 4 years ago
  • Comments: 18 (2 by maintainers)

Most upvoted comments

Same issue on 2.1.9.870. How I got it: I made a cert query for xxx.domain.com. Then I returned back to make a cert query for two domains: xxx.domain.com, foo.xxx.domain.com

This failed

Wiped out C:\ProgramData\Win-Acme and everything is ok now

Having the same exact problem with renewals. Not able to locate anything with netsh http show urlacl. Does anybody see anything here?

URL Reservations:

Reserved URL            : http://*:5357/ 
    User: BUILTIN\Users
        Listen: Yes
        Delegate: No
    User: NT AUTHORITY\LOCAL SERVICE
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;BU)(A;;GX;;;LS) 

Reserved URL            : https://*:5358/ 
    User: BUILTIN\Users
        Listen: Yes
        Delegate: No
    User: NT AUTHORITY\LOCAL SERVICE
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;BU)(A;;GX;;;LS) 

Reserved URL            : http://+:47001/wsman/ 
    User: NT SERVICE\WinRM
        Listen: Yes
        Delegate: No
    User: NT SERVICE\Wecsvc
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;S-1-5-80-569256582-2953403351-2909559716-1301513147-412116970)(A;;GX;;;S-1-5-80-4059739203-877974739-1245631912-527174227-2996563517) 

Reserved URL            : https://+:5986/wsman/ 
    User: NT SERVICE\WinRM
        Listen: Yes
        Delegate: No
    User: NT SERVICE\Wecsvc
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;S-1-5-80-569256582-2953403351-2909559716-1301513147-412116970)(A;;GX;;;S-1-5-80-4059739203-877974739-1245631912-527174227-2996563517) 

Reserved URL            : https://+:443/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ 
    User: NT SERVICE\SstpSvc
        Listen: Yes
        Delegate: Yes
    User: BUILTIN\Administrators
        Listen: No
        Delegate: No
    User: NT AUTHORITY\SYSTEM
        Listen: Yes
        Delegate: Yes
        SDDL: D:(A;;GA;;;S-1-5-80-3435701886-799518250-3791383489-3228296122-2938884314)(A;;GR;;;BA)(A;;GA;;;SY) 

Reserved URL            : http://+:80/Temporary_Listen_Addresses/ 
    User: \Everyone
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;WD) 

Reserved URL            : http://+:5985/wsman/ 
    User: NT SERVICE\WinRM
        Listen: Yes
        Delegate: No
    User: NT SERVICE\Wecsvc
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;S-1-5-80-569256582-2953403351-2909559716-1301513147-412116970)(A;;GX;;;S-1-5-80-4059739203-877974739-1245631912-527174227-2996563517) 

Reserved URL            : http://+:80/MSDEPLOYAGENTSERVICE/ 
    User: NT AUTHORITY\NETWORK SERVICE
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;NS) 

Reserved URL            : http://+:80/ReportServer/ 
    User: NT AUTHORITY\NETWORK SERVICE
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;NS) 

Reserved URL            : http://+:80/Reports/ 
    User: NT AUTHORITY\NETWORK SERVICE
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;NS) 

Reserved URL            : http://*:2869/ 
    User: NT AUTHORITY\LOCAL SERVICE
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;LS) 

We found the culprit, it was a service called “Control Panel Integration Tools”. Hope that helps someone in the future. A day in my life I’ll never get back! 😉 Thanks @webprofusion-chrisc you steered me down the right path.
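An added example, not part of the thread and not win-acme code: a small parser that triages saved `netsh http show urlacl` output against the prefix from the error message. The function names and the path-overlap rule are assumptions made for illustration, and the sample is a constructed, abbreviated copy of the listing above. `urlacl` lists reservations only; prefixes registered by a running process are shown by `netsh http show servicestate`.

```python
import re

ACME_PREFIX = "http://+:80/.well-known/acme-challenge/"  # prefix from the error message
URL_RE = re.compile(r"^(https?)://([^/:]+):(\d+)(/.*)$", re.IGNORECASE)

# Constructed sample: abbreviated from the urlacl listing posted in the thread.
SAMPLE = r"""
Reserved URL            : http://+:47001/wsman/
    User: NT SERVICE\WinRM
        Listen: Yes
Reserved URL            : http://+:80/Temporary_Listen_Addresses/
    User: \Everyone
        Listen: Yes
Reserved URL            : http://+:80/ReportServer/
    User: NT AUTHORITY\NETWORK SERVICE
        Listen: Yes
Reserved URL            : http://+:80/Reports/
    User: NT AUTHORITY\NETWORK SERVICE
        Listen: Yes
"""

def parse_urlacl(text):
    """Return [{'url': str, 'users': [str, ...]}] from urlacl output."""
    entries = []
    for line in text.splitlines():
        key, _, value = line.strip().partition(":")
        if key.strip() == "Reserved URL":
            entries.append({"url": value.strip(), "users": []})
        elif key.strip() == "User" and entries:
            entries[-1]["users"].append(value.strip())
    return entries

def split_prefix(url):
    """Split a prefix into (scheme, host, port, lower-cased path), or None."""
    m = URL_RE.match(url)
    return (m[1].lower(), m[2], int(m[3]), m[4].lower()) if m else None

def triage(text, wanted=ACME_PREFIX):
    """Return (same_port, overlapping) reservations relative to `wanted`.
    Assumption: the host part (+, * or a name) is not compared."""
    w_scheme, _, w_port, w_path = split_prefix(wanted)
    same_port, overlapping = [], []
    for entry in parse_urlacl(text):
        parts = split_prefix(entry["url"])
        if parts is None or (parts[0], parts[2]) != (w_scheme, w_port):
            continue
        same_port.append(entry)
        if w_path.startswith(parts[3]) or parts[3].startswith(w_path):
            overlapping.append(entry)
    return same_port, overlapping
```

On the sample, three reservations share port 80 and none overlaps the challenge path.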