Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: esssurvey.csa.gov.et
It produced this output:I ran this command: Renewal for [IIS] Survey Solutions, (any host) failed, will retry on next run
My web server is (include version): IIS 8
The operating system my web server runs on is (include version):windows server 2016
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I'm not very familiar with the ACME clients on Windows, but you didn't include client information or version in the template. What program are you using that has this button? If you don't know, a screenshot might be helpful.
This means what it says, that Let's Encrypt's servers couldn't connect to your system, so there's likely a firewall blocking it somewhere. I can't connect to it either. In order to prove that your system owns the name, it needs to be accessible worldwide so that Let's Encrypt can validate it. (The alternative, if it's supposed to be an internal-only system, is to use the DNS-01 challenge so that it's validated by a worldwide-accessible DNS server instead of also needing a worldwide-accessible web server.)
Yes the issue in this case is that you have closed firewall port 80, so the http validation can't be completed (http traffic does not reach the server).