"Authorization timed out" when trying to request certificate to IIS

Hi folks,

I’m trying to request a certificate for my subdomain (rh.bramoffshore.com.br). I’m using winacme, but it returns “[EROR] Authorization timed out”. Thanks in advance!

My domain is: bramoffshore.com.br

I ran this command wacs.exe --verbose

It produced this output:

[DBUG] Loading signer from C:\ProgramData\win-acme\acme-v02.api.letsencrypt.org\Signer_v2
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/directory
[DBUG] Send HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce
[DBUG] Loading account information from C:\ProgramData\win-acme\acme-v02.api.letsencrypt.org\Registration_v2
[DBUG] Send POST request to https://acme-v02.api.letsencrypt.org/acme/new-order
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/77180863
[INFO] Authorize identifier: rh.bramoffshore.com.br
[INFO] Authorizing rh.bramoffshore.com.br using http-01 validation (SelfHosting)
[DBUG] Submitting challenge answer
[DBUG] Send POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/77180863/Sxx58g
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/77180863/Sxx58g
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/77180863/Sxx58g
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/77180863/Sxx58g
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/77180863/Sxx58g
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/77180863/Sxx58g
[EROR] Authorization timed out
[EROR] Create certificate failed: Authorization failed```

My web server is (include version): IIS 8.5.9600.16384

The operating system my web server runs on is (include version): Windows Server 2012 R2 6.3 (Build 9600)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of `certbot --version` or `certbot-auto --version` if you're using Certbot):

Hi @msmosso

your domain isn’t visible ( https://check-your-website.server-daten.de/?q=rh.bramoffshore.com.br ):

Domainname Http-Status redirect Sec. G
http://rh.bramoffshore.com.br/
187.58.128.187 -14 10.017 T
Timeout - The operation has timed out
https://rh.bramoffshore.com.br/
187.58.128.187 -14 10.000 T
Timeout - The operation has timed out
http://rh.bramoffshore.com.br/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
187.58.128.187 -14 10.030 T
Timeout - The operation has timed out
Visible Content:

So it’s impossible to create a certificate via http-validation.

Is your IIS configured / running? Is there a blocking firewall?

I can’t access it either.

Are you sure it can be accessed from other ISPs? Or other countries?

Ping works, tracert works.

But your port 80 doesn’t answer.

There must be a blocking instance.

@JuergenAuer, @mnordhoff

Looks like I am able to access it because I am in the same network. I will ask the network team to open the 80 port. Thanks!

PS: Checked your raw ip - https://check-your-website.server-daten.de/?q=187.58.128.187 - there is a port check included:

Your port 8080 answers - http://187.58.128.187:8080/web/app/RH/PortalMeuRH/#/login

@JuergenAuer @mnordhoff

I asked the network team to open the port, and now it works as expected. Thanks again!

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.