Certbot authentication error on IIS

My domain is: innovion.nl (site is not live yet, just placeholder wordpress)

I ran this command: tried both "certbot certonly --webroot" and "certbot certonly --standalone"

It produced this output:

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: innovion.nl
Type: unauthorized
Detail: Invalid response from http://www.innovion.nl/.well-known/acme-challenge/rfkxTTuDIkXBriV29HddWu9VH5XwDLe3lbijlw35gJk []: "<!doctype html>\n<html lang="nl" >\n\n\t<meta charset="UTF-8" />\n\t<meta name="viewport" content="width=device-width, initial-s"

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

My web server is (include version): IIS 10.0.17763.1

The operating system my web server runs on is (include version): Windows Server 2019 Datacenter

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.16.0

I think it has something to do with the .well-known directory. It was created by certbot but not accesible, nor were there files placed in there. I did add a virtual directory to point to the .well-known directory and tried by uploading a txt file and that worked fine (innovion.nl/.well-known/test.txt)


It could be because IIS doesn't want to serve extention-less files. You can enable this behavior with a web.config file:

<?xml version="1.0" encoding="UTF-8"?>
      <mimeMap fileExtension="." mimeType="text/json" />

Wow, that worked! Thank you so much! Now to find out how to install the certificate, because I think IIS doesn't do it automatically.


If you're interested in some software which will also automatically install it to IIS, have a look at https://certifytheweb.com.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.