Authorization Result Failed... Please Help!

My domain is:

I ran this command: letsencrypt.exe

Choose from one of the menu options above: M
Enter a host name:
Enter a site path (the web root of the host for http authentication): C:\cable\f

It produced this output:

Authorizing Identifier Using Challenge Type http-01
Writing challenge answer to C:\cable\finditclassifieds_com\web.well-known/acme-
Answer should now be browsable at
Submitting answer
Refreshing authorization
Refreshing authorization
Refreshing authorization
Authorization Result: invalid
Authorization Failed invalid

The ACME server was probably unable to reach

Check in a browser to see if the answer file is being served correctly.

Press enter to continue.

My web server is (include version): IIS 7

The operating system my web server runs on is (include version): Win 2008

My hosting provider, if applicable, is: Accuwebhosting

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Hi @webzcom

check your url:


is a http status 403 - Forbidden. So that can’t work.

Change that (you may have additional configuration errors).

1 Like

Not only the ACME challenge returns a 403, the whole site at returns a 403 Forbidden error.

Thank you for the quick reply!
I saw some LetsEncrpyt traffic coming from
I’m going through all the 403 errors in the logs. Its has to be agent or IP issue.

Your IP and agent please?

Your help is so appreciated!!!

You shouldn’t use whitelisting for ACME validations from Let’s Encrypt, as Let’s Encrypt uses multiple IP addresses which can change at any time. See for more information:

You can use however the path of the authorization token: /.well-known/acme-challenge/ is used by Let’s Encrypt for the authorization tokens through the http-01 challenge.

Thank you!

I’m looking at all the 403s and whitelisting all the LetsEncrypt IPs.

Looks like I have a server issue some then. Its either the firewall or IIS filtering rules. I’ll go through all that then check back.

Again, much appreciated!!!

You have a log, there you see the ip and the useragent.

Blacklisting /.well-known/acme-challenge is bad.


Thanks for tolerated my stupid questions.

So many layer of security. Found this one in the IIS IP filtering rules. I had to put allow rules in for all your IPs / IP ranges and then it worked.

Again, thank for all your help.

If this site makes any money, I’ve give some of it to LetsEncrypt for their invaluable service.

Rick Cable

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.