I ran this command: I ran the "Test" option in the Certificate Management application (5.2.1.0) on Windows Server 2012 r2.
It produced this output:
Powershell/PoshACME DNS :: Error: Script invoke failed: System.Management.Automation.CmdletInvocationException: The underlying connection was closed: A connection that was expected to be kept alive was closed by the server. ---> System.Net.WebException: The underlying connection was closed: A connection that was expected to be kept alive was closed by the server.
at Microsoft.PowerShell.Commands.WebRequestPSCmdlet.GetResponse(WebRequest request)
at Microsoft.PowerShell.Commands.WebRequestPSCmdlet.ProcessRecord()
--- End of inner exception stack trace ---
at System.Management.Automation.Runspaces.AsyncResult.EndInvoke()
at System.Management.Automation.PowerShell.EndInvoke(IAsyncResult asyncResult)
at Certify.Management.PowerShellManager.InvokePowershell(CertificateRequestResult result, String executionPolicy, String scriptFile, Dictionary`2 parameters, String scriptContent, PowerShell shell, Boolean autoConvertBoolean) in C:\Work\GIT\certify_dev\certify\src\Certify.Shared.Compat\PowerShellManager.cs:line 254
My web server is (include version): IIS 8
The operating system my web server runs on is (include version): Windows Server 2012 r2
My hosting provider, if applicable, is: NA
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): NA
I think the Posh ACME script doesn't work with Dynu. I've entered my API secret and client ID for the domain, but still no luck. Anyone else have this issue?
The Posh-ACME Dynu script definitely works within the context of the module. I just tested it. This may be an issue specifically with CTW calling the script or a .NET config issue on the OS. We should ask @webprofusion for clarity.
Thanks for confirming it should work. I went ahead and installed .net 4.8, after I rebooted the test seemed to work the first attempt. I ran it again about 30 seconds later and it failed with the same error (api limit?). I will await webprofusions opinion.
Edit: Namecheap API authorization works just fine on the same machine.
Hi, check you don't have any firewall rules for outgoing https, if you try to limit communication to dynu you'll probably fail to connect eventually because their API will be jumping around different IP addresses.
Btw you need PowerShell 5.1 or higher for any powershell in Certify and general support questions like this should definitely be posted to https://community.certifytheweb.com (in the future) because I may not always see your question here.
I can confirm that Dynu via Posh-ACME is working. I did notice an issue if the server takes too long to respond but it's different from the problem you're seeing. :
Using FiddlerEverywhere I can watch the http API requests completing OK.
Also double check your Dynu credentials are correct in Certify, I don't know what response you'd get from Dynu if they were wrong (I'd expect a 403 but who knows!).
Check you don't have any special firewall rules specific to Certify (CertifySSLManager.Service.exe) that allow/disallow certain communication, it's unlikely as I'm sure you'd remember putting that sort of thing in place. Check also that you're not going through a proxy for outgoing https, Certify doesn't support that (although in this case it's powershell that's doing the work).
I put in dummy creds and I got a 401 Unauthorized error instead of the server closing the connection. I am thinking it might be something with my account and Dynu's API. I am using the free tier.
Powershell/PoshACME DNS :: Error: Script invoke failed: System.Management.Automation.CmdletInvocationException: {"statusCode":401,"type":"Authentication Exception","message":"Failed."} ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized.
at Microsoft.PowerShell.Commands.WebRequestPSCmdlet.GetResponse(WebRequest request)
at Microsoft.PowerShell.Commands.WebRequestPSCmdlet.ProcessRecord()
--- End of inner exception stack trace ---
at System.Management.Automation.Runspaces.AsyncResult.EndInvoke()
at System.Management.Automation.PowerShell.EndInvoke(IAsyncResult asyncResult)
at Certify.Management.PowerShellManager.InvokePowershell(CertificateRequestResult result, String executionPolicy, String scriptFile, Dictionary`2 parameters, String scriptContent, PowerShell shell, Boolean autoConvertBoolean) in C:\Work\GIT\certify_dev\certify\src\Certify.Shared.Compat\PowerShellManager.cs:line 254
I'm using the free tier as well and it's working OK. I'd just replace your credentials and try again (you perhaps want to generate new credentials in the Dynu control panel first).
Alternatively install the certify app on your desktop machine and try it from there just to prove your credentials work, you should be able to validate via Dynu and get a cert (even though you're not using the cert on that machine).
It worked just fine on another machine as you expected. I upgraded to Server 2019 and installed .NET framework 4.8 (Microsoft .NET Framework 4.8 offline installer for Windows) and it resolved the issue. I think my .net installation wasn't quite right. Thank you so much for the assistance @webprofusion!