Acme Challenge Error - IIS

Attempting to validate a subdomain that needed to be moved to a new server and I'm running into an acme challenge error. There is no cname in DNS for a _acme-challenge on this domain, so I don't understand why the error.

 Target generated using plugin IIS:

 [] Authorizing...
 [] Authorizing using http-01 validation (SelfHosting)
 [] Authorization result: invalid
 [] {
  "type": "urn:ietf:params:acme:error:unauthorized",
  "detail": "Invalid response from [2606:4700:3036::ac43:a73a]: \"<!DOCTYPE HTML PUBLIC \\\"-//W3C//DTD HTML 4.01//EN\\\"\\\"\\\">\\n<HTML><HEAD><TITLE>Not Found</TITLE>\\n<\"",
  "status": 403
1 Like

Hi @jeff-irwin and welcome to the LE community forum :slight_smile:

You should mention (and take consideration) that Cloudflare is involved:

Addresses: 2606:4700:3036::ac43:a73a

Like: It will always redirect HTTP to HTTPS.


Your using win-acme, with the self-hosting option (it adds an http.sys listener on port 80, before IIS).

If you don't want to change cloudflare settings to allow http through you could use the "filesystem" validation option instead of selfhosting: win-acme

That way IIS will respond with the challenge response file from within the website root instead of using the built-in win-acme server.


Great point that I didn't consider...

1 Like

That was it, I disabled SSL/TLS in Cloudflare and was able to validate the cert.

Very much appreciate the assist!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.