Automatic renewal not working on W2012 IIS 8.5


First, thanks for all the job done, it’s now really easy and affordable to get SSL certificates.

I have an important issue right now. I have a SSL Certificate for a production site which has expired, and the automated renewal process does not work.

I have investigated and the renewal date found by the task is in the future, so the certificate is not renewed.

Here are the details.

My domain is:
Current certificate is valid from 11/15/2016 to 2/13/2017 (dates is US formats).

Here is the command generated by letsencrypt win simple client and launched by a daily scheduled task:
“C:\SSL utilities\letsencrypt.exe” --renew --baseuri “

When I run this command manually, it produces this output:
Let’s Encrypt (Simple Windows ACME Client)
Renewal Period: 60
Certificate Store: WebHosting

ACME Server:
Config Folder: C:\Users\root\AppData\Roaming\letsencrypt-win-simple\httpsacme-v0
Certificate Folder: C:\Users\root\AppData\Roaming\letsencrypt-win-simple\httpsac
Loading Signer from C:\Users\root\AppData\Roaming\letsencrypt-win-simple\httpsac\Signer

Getting AcmeServerDirectory
Loading Registration from C:\Users\root\AppData\Roaming\letsencrypt-win-simple\h\Registration
Checking Renewals
Checking IIS (C:\inetpub\wordpresslms\responsive
) Renew After 3/22/2017
Checking IIS (C:\Program Files\Apache Software Foundati
on\Tomcat 8.0\webapps\KPuser20151T) Renew After 3/22/2017
Checking IIS (C:\inetpub\ Renew A
fter 3/22/2017
Checking IIS (C:\Program Files\Apache Software Fou
ndation\Tomcat 8.0\webapps\KPuser20151) Renew After 3/21/2017
Checking IIS (C:\inetpub\wordpressMUtrials) Renew Af
ter 3/21/2017

So is “Renew After 3/22/2017”…

My operating system is (include version): Windows 2012
My web server is (include version): IIS 8.5
I can login to my machine with Windows Remote Desktop.

Please advise.



The answer is certainlycoming too late.
The problem with letsencryptsimple is that it maintains informations in the “user” folder.
e.g. C:\Users\USER\AppData\Roaming\letsencrypt-win-simple\

You should check that the task created in the task scheduler runs under the same user credentials.If it is not the case, letsencrypt-win-simple does not find any certificate to renew.

Certificates are valid for 90 days. By default, letsencrypt-win-simple renews after 60 days. It lets you 30 days to debug this king of situation.

Kind regards,



This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.