Automatic renewal not working on W2012 IIS 8.5


#1

First, thanks for all the job done, it’s now really easy and affordable to get SSL certificates.

I have an important issue right now. I have a SSL Certificate for a production site which has expired, and the automated renewal process does not work.

I have investigated and the renewal date found by the task is in the future, so the certificate is not renewed.

Here are the details.

My domain is: s5.knowledgeplaces.com
Current certificate is valid from 11/15/2016 to 2/13/2017 (dates is US formats).

Here is the command generated by letsencrypt win simple client and launched by a daily scheduled task:
“C:\SSL utilities\letsencrypt.exe” --renew --baseuri “https://acme-v01.api.letsencrypt.org/

When I run this command manually, it produces this output:
Let’s Encrypt (Simple Windows ACME Client)
Renewal Period: 60
Certificate Store: WebHosting

ACME Server: https://acme-v01.api.letsencrypt.org/
Config Folder: C:\Users\root\AppData\Roaming\letsencrypt-win-simple\httpsacme-v0
1.api.letsencrypt.org
Certificate Folder: C:\Users\root\AppData\Roaming\letsencrypt-win-simple\httpsac
me-v01.api.letsencrypt.org
Loading Signer from C:\Users\root\AppData\Roaming\letsencrypt-win-simple\httpsac
me-v01.api.letsencrypt.org\Signer

Getting AcmeServerDirectory
Loading Registration from C:\Users\root\AppData\Roaming\letsencrypt-win-simple\h
ttpsacme-v01.api.letsencrypt.org\Registration
Checking Renewals
Checking IIS responsive.knowledgeplaces.com (C:\inetpub\wordpresslms\responsive
) Renew After 3/22/2017
Checking IIS test5.knowledgeplace.fr (C:\Program Files\Apache Software Foundati
on\Tomcat 8.0\webapps\KPuser20151T) Renew After 3/22/2017
Checking IIS s5.knowledgeplaces.com (C:\inetpub\s5.knowledgeplaces.com) Renew A
fter 3/22/2017
Checking IIS geoconcept.knowledgeplace.fr (C:\Program Files\Apache Software Fou
ndation\Tomcat 8.0\webapps\KPuser20151) Renew After 3/21/2017
Checking IIS trials.knowledgeplaces.com (C:\inetpub\wordpressMUtrials) Renew Af
ter 3/21/2017

So s5.knowledgeplaces.com is “Renew After 3/22/2017”…

My operating system is (include version): Windows 2012
My web server is (include version): IIS 8.5
I can login to my machine with Windows Remote Desktop.

Please advise.


#2

Hello,

The answer is certainlycoming too late.
The problem with letsencryptsimple is that it maintains informations in the “user” folder.
e.g. C:\Users\USER\AppData\Roaming\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org

You should check that the task created in the task scheduler runs under the same user credentials.If it is not the case, letsencrypt-win-simple does not find any certificate to renew.

Certificates are valid for 90 days. By default, letsencrypt-win-simple renews after 60 days. It lets you 30 days to debug this king of situation.

Kind regards,

Guy


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.