Automatic renewal not working on W2012 IIS 8.5

theplacetobe · February 14, 2017, 4:52pm

First, thanks for all the job done, it’s now really easy and affordable to get SSL certificates.

I have an important issue right now. I have a SSL Certificate for a production site which has expired, and the automated renewal process does not work.

I have investigated and the renewal date found by the task is in the future, so the certificate is not renewed.

Here are the details.

My domain is: s5.knowledgeplaces.com
Current certificate is valid from 11/15/2016 to 2/13/2017 (dates is US formats).

Here is the command generated by letsencrypt win simple client and launched by a daily scheduled task:
“C:\SSL utilities\letsencrypt.exe” --renew --baseuri “https://acme-v01.api.letsencrypt.org/”

When I run this command manually, it produces this output:
Let’s Encrypt (Simple Windows ACME Client)
Renewal Period: 60
Certificate Store: WebHosting

ACME Server: https://acme-v01.api.letsencrypt.org/
Config Folder: C:\Users\root\AppData\Roaming\letsencrypt-win-simple\httpsacme-v0
1.api.letsencrypt.org
Certificate Folder: C:\Users\root\AppData\Roaming\letsencrypt-win-simple\httpsac
me-v01.api.letsencrypt.org
Loading Signer from C:\Users\root\AppData\Roaming\letsencrypt-win-simple\httpsac
me-v01.api.letsencrypt.org\Signer

Getting AcmeServerDirectory
Loading Registration from C:\Users\root\AppData\Roaming\letsencrypt-win-simple\h
ttpsacme-v01.api.letsencrypt.org\Registration
Checking Renewals
Checking IIS responsive.knowledgeplaces.com (C:\inetpub\wordpresslms\responsive
) Renew After 3/22/2017
Checking IIS test5.knowledgeplace.fr (C:\Program Files\Apache Software Foundati
on\Tomcat 8.0\webapps\KPuser20151T) Renew After 3/22/2017
Checking IIS s5.knowledgeplaces.com (C:\inetpub\s5.knowledgeplaces.com) Renew A
fter 3/22/2017
Checking IIS geoconcept.knowledgeplace.fr (C:\Program Files\Apache Software Fou
ndation\Tomcat 8.0\webapps\KPuser20151) Renew After 3/21/2017
Checking IIS trials.knowledgeplaces.com (C:\inetpub\wordpressMUtrials) Renew Af
ter 3/21/2017

So s5.knowledgeplaces.com is “Renew After 3/22/2017”…

My operating system is (include version): Windows 2012
My web server is (include version): IIS 8.5
I can login to my machine with Windows Remote Desktop.

Please advise.

guyvaio · February 19, 2017, 8:37am

Hello,

The answer is certainlycoming too late.
The problem with letsencryptsimple is that it maintains informations in the “user” folder.
e.g. C:\Users\USER\AppData\Roaming\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org

You should check that the task created in the task scheduler runs under the same user credentials.If it is not the case, letsencrypt-win-simple does not find any certificate to renew.

Certificates are valid for 90 days. By default, letsencrypt-win-simple renews after 60 days. It lets you 30 days to debug this king of situation.

Kind regards,

Guy

system · March 21, 2017, 8:38am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Letsencrypt-win-simple - Renewal Dates Don't Match Certificate Dates Help	7	2851	June 28, 2017
Cert not renewing but no errors? Help	4	4424	February 11, 2017
Autorenew IIS stopped working Help	2	436	July 1, 2021
Certificate renews but not installed on Exchange Server	21	6325	June 10, 2018
Windows IIS Renew: Expires today but acme says to renew in a month? Help	3	1774	April 5, 2017

Automatic renewal not working on W2012 IIS 8.5

Related topics