yame
October 9, 2017, 10:38am
1
hi, need some help please.
iam trying to get certificate for iis 8… spent some time to fix acme challenge, but the problem was not in my settings:
first domain i tried was: 1s.some-domain.ru
i got 404 error…
then i tried second domain: nt.domain.ru and i got certificate…
first and second domain points to same iis ip address and uses same webroot dir.
after that i tried nt.some-domain.ru and again got the 404 error…
maybe where is some domain name restriction?
I ran this command:
i used letsencrypt-win-simple.V1.9.6.2
It produced this output:
404 error
My web server is (include version):
iis 8
The operating system my web server runs on is (include version):
win 2012 r2
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
tnank you.
what commands are you running in letsencryp-win-simple
did you check their github for any issues similar to what you are reporting?
I have used letsencrypt-win-simple before
Any chance you can paste the logs
404 errors are usually related to web server configurations
Andrei
yame
October 9, 2017, 12:02pm
3
commands… new cert, first binding… --test when starting app.
logs:
ACME server reported “detail” "Invalid response from http://1s.some-domain.ru/.well-known/acme-challenge/1kUAgas9hIlAcZ79-9lhF2BRrOyXExDjzYwehYSuzhg: "
404 Not Found
Not Found
you saying that more likely its web server missconfig… but how it works on different domain name?? same web server… same settings… diff domain…
on nt.domain.ru all works perfectly: Adding new https binding for “nt.domain.ru ”
hi @yame
I think its possibly a MIME issue. Note: you will need to set this up for each site in IIS
Part 4 of this article describes this. I had 404s which is why i think it’s the first thing to check
https://www.linkedin.com/pulse/lets-encrypt-part-1-issuing-installing-certificates-andrei-hawke/
Andrei
yame
October 10, 2017, 12:40pm
5
hi Andrei, i have same name
i setup two different sites on one server…
one site can pass acme challenge and another cannot.
how can i send private message to you? i can send all the logs.
yame
October 10, 2017, 1:22pm
8
Andrei i am writing to DNS provider now to make them remove AAAA records… i feel like it is the answer… thank you a lot.
1 Like
yame
October 10, 2017, 2:05pm
10
ok, i’v tested it, removed my AAAA records from DNS and all works fine now, letsencrypt prefers IPv6 DNS requests.
thank you ahaw021!
system
Closed
November 9, 2017, 2:05pm
11
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.