"Authorization timed out" when trying to request certificate to IIS

Hi folks,

I’m trying to request a certificate for my subdomain (rh.bramoffshore.com.br). I’m using winacme, but it returns “[EROR] Authorization timed out”. Thanks in advance!

My domain is: bramoffshore.com.br

I ran this command wacs.exe --verbose

It produced this output:

[DBUG] Loading signer from C:\ProgramData\win-acme\acme-v02.api.letsencrypt.org\Signer_v2
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/directory
[DBUG] Send HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce
[DBUG] Loading account information from C:\ProgramData\win-acme\acme-v02.api.letsencrypt.org\Registration_v2
[DBUG] Send POST request to https://acme-v02.api.letsencrypt.org/acme/new-order
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/77180863
[INFO] Authorize identifier: rh.bramoffshore.com.br
[INFO] Authorizing rh.bramoffshore.com.br using http-01 validation (SelfHosting)
[DBUG] Submitting challenge answer
[DBUG] Send POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/77180863/Sxx58g
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/77180863/Sxx58g
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/77180863/Sxx58g
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/77180863/Sxx58g
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/77180863/Sxx58g
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/77180863/Sxx58g
[EROR] Authorization timed out
[EROR] Create certificate failed: Authorization failed```

My web server is (include version): IIS 8.5.9600.16384

The operating system my web server runs on is (include version): Windows Server 2012 R2 6.3 (Build 9600)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of `certbot --version` or `certbot-auto --version` if you're using Certbot):

Hi @msmosso

your domain isn't visible ( https://check-your-website.server-daten.de/?q=rh.bramoffshore.com.br ):

So it's impossible to create a certificate via http-validation.

Is your IIS configured / running? Is there a blocking firewall?

I can’t access it either.

Are you sure it can be accessed from other ISPs? Or other countries?

Ping works, tracert works.

But your port 80 doesn’t answer.

There must be a blocking instance.

@JuergenAuer, @mnordhoff

Looks like I am able to access it because I am in the same network. I will ask the network team to open the 80 port. Thanks!

PS: Checked your raw ip - https://check-your-website.server-daten.de/?q=187.58.128.187 - there is a port check included:

Your port 8080 answers - http://187.58.128.187:8080/web/app/RH/PortalMeuRH/#/login

@JuergenAuer @mnordhoff

I asked the network team to open the port, and now it works as expected. Thanks again!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.