I'm trying to use the Certify SSL Manager to configure SSL certificates from Let's Encrypt on my IIS server, but it fails during the check.
https://dev.mywebsite.com/.well-known/acme-challenge/configcheck/
This works:
https://dev.mywebsite.com/well-known/acme-challenge/configcheck
https://dev.mywebsite.com/.well-known/acme-challenge/test.txt
So I assumed it's the . before well-known. But the fact that test.txt works confuses me.
I've already configured the directory according to this discussion: https://github.com/ebekker/ACMESharp/issues/15
I have a bunch of rewrite stuff in my web.config, but even if I remove that section completely, it still fails.
If the name servers do not match, then this is the reason Let's Encrypt is not working. You can fix the problem by copying the name servers from the ACC and adding them to the domain in the domain registrar. Once these have been saved and the registrar has applied the change to the domain, retry Let's Encrypt.
Select your target IIS domain to install the SSL certificate on. Enter 'A' to use all bindings of the IIS domain. Enter 'y' to continue with your selection, 'y' to open with the default web server application, 'y' to agree to the Let's Encrypt terms. Enter your email address to receive important certificate notifications.
To enable HTTPS on your website, you need to get a certificate (a type of file) from a Certificate Authority (CA). Let's Encrypt is a CA. In order to get a certificate for your website's domain from Let's Encrypt, you have to demonstrate control over the domain.
Perhaps check if the acme-challenge web.config contains a conflict within the handler section. Do so by opening IIS Manager, finding the acme-challenge folder and double-clicking the handler mapping icon. In my case, this resulted in an error.
The problem I ran into with the default web.config in the acme-challenge folder was that the applicationhost.config contained:
<section name="handlers" overrideModeDefault="Deny" />
The handlers section in the acme-challenge web.config therefore was not allowed with the result that the challenge failed. In this case the solutions were: Change applicationhost.config line to:
<section name="handlers" overrideModeDefault="Allow" />
Or ... Remove the handlers setting from the web.config in acme-challenge folder.
The applicationhost.config can be found here: c:\windows\system32\inetsrv\config
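The conflict described in the answer above can be checked without opening IIS Manager. The following PowerShell function is an added example, not part of the original post or of Certify; the function name and both sample configuration strings are constructed for illustration.

```powershell
# Added example: reports whether a folder-level web.config defines <handlers>
# while applicationHost.config declares that section with overrideModeDefault="Deny".
# Limitation: <location overrideMode="..."> overrides are not evaluated.
function Test-HandlersOverrideConflict {
    param(
        [Parameter(Mandatory)][string]$AppHostXml,    # content of applicationHost.config
        [Parameter(Mandatory)][string]$WebConfigXml   # content of the acme-challenge web.config
    )
    $appHost = [xml]$AppHostXml
    $web     = [xml]$WebConfigXml
    # Section declaration for system.webServer/handlers inside <configSections>
    $xpath = "/configuration/configSections/sectionGroup[@name='system.webServer']" +
             "/section[@name='handlers']"
    $decl = $appHost.SelectSingleNode($xpath)
    $mode = if ($null -ne $decl) { $decl.GetAttribute('overrideModeDefault') } else { '' }
    $hasHandlers = $null -ne $web.SelectSingleNode('/configuration/system.webServer/handlers')
    [pscustomobject]@{
        OverrideModeDefault  = $mode
        WebConfigHasHandlers = $hasHandlers
        Conflict             = ($mode -eq 'Deny') -and $hasHandlers
    }
}

# Constructed sample input (not taken from a real server)
$sampleAppHost = @'
<configuration>
  <configSections>
    <sectionGroup name="system.webServer">
      <section name="handlers" overrideModeDefault="Deny" />
    </sectionGroup>
  </configSections>
</configuration>
'@
$sampleWebConfig = @'
<configuration>
  <system.webServer>
    <handlers>
      <clear />
    </handlers>
  </system.webServer>
</configuration>
'@
Test-HandlersOverrideConflict -AppHostXml $sampleAppHost -WebConfigXml $sampleWebConfig

# On a server, pass the real files instead, for example:
#   -AppHostXml (Get-Content -Raw 'c:\windows\system32\inetsrv\config\applicationHost.config')
#   -WebConfigXml (Get-Content -Raw '<path to acme-challenge folder>\web.config')
```

Of the two fixes in the answer, removing the handlers section from the acme-challenge web.config leaves the server-wide lock in place, whereas setting overrideModeDefault to Allow lets every site's web.config define handler mappings.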