Yesterday my organization renewed our certificates using wacs.exe, through which we were able to connect to acme-v2.api.letsencrypt.org without issue. Today, that is not the case. We have been through every similar post I could find but they were either closed without resolution or did not resolve our issue. Please shed any light you can on this, we are currently at a loss as to what is going on.
My domain is: (www.)itmmarketing.com (we have multiple subdomains, all with valid certificates)
I ran this command: ping, tracert, openssl s_client -connect, wacs.exe, opened in browser
It produced this output:
- ping: Pinging ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com [220.127.116.11] with 32 bytes of data: (request timed out) Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)
- tracert: Tracing route to ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com [18.104.22.168]
over a maximum of 30 hops:
1 * * * Request timed out.
- openssl s_client -connect:
12160:error:2008A067:BIO routines:BIO_connect:connect error:crypto\bio\b_sock2.c:111:
- opened in browser: ERR_CONNECTION_TIMED_OUT
No such errors occur when using acme-staging-v02.api.letsencrypt.org.
My web server is (include version): IIS Version 10.0.14393.0
The operating system my web server runs on is (include version):Microsoft Windows Server 2016 Version 1607
My hosting provider, if applicable, is: AWS
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): Windows ACMEv2 client version 22.214.171.1249