Creacion de certificadpo SSL de sitio web

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:fupad.org

I ran this command:

It produced this output: "detail": " Invalid response from http://reportes.fupad.org/.well-known/acme-challenge/2FWCCdn-VP_-klYHeUgLnJjWcwg0lLyXxhgq3_b9r3s: 404"

My web server is (include version): SQL server Reporting services 2017

The operating system my web server runs on is (include version): Server 2016

My hosting provider, if applicable, is: networksolutions

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Hola @jaramirez,

¬ŅQu√© tipo de entorno de software tiene?

¬ŅQu√© hizo para pedir este certificado?

1 Like

schoen buen dia,
¬ŅQu√© hizo para pedir este certificado?, intente renovar el certificado del sitio pero acme me arrojaba errores al actulizarlo, lo que hice fue rovocar el certificado que tenia actualmente con varios dias habiles para su vencimiento he intente crear un nuevo certificado pero me sale el error que reporte.

¬ŅQu√© tipo de entorno de software tiene? el entorno es virtual y la creacion del SSL lo realizo desde la maquina virtualizada

Pero ¬Ņcon que herramientas de software?

Por ejemplo

¬Ņqu√© quiere decir "acme" aqu√≠? No creo que puede ser el protocolo ACME.

1 Like

If you use Certify The Web (https://certifytheweb.com - which I work on) to manage your certificate you can fetch your certificate then deploy it to reporting services automatically.

From memory I seem to remember SQL reporting services has two modes of report server hosting - IIS and self hosted (running it's own http listener to serve the reporting site).

Here is an a example powershell script (for a PowerShell script task in Certify) which deploys a cert to reporting services if your using the reporting server self hosted option (not using IIS)

If you are just using IIS to host your report server (i.e. you can see it in IIS manager) you can just use a standard managed certificate in Certify The Web and it will be deployed to the matching IIS site based on the hostname in the IIS bindings. You can see the intended IIS binding updates in the Preview tab (scroll to the bottom of the page).

You are currently using http validation for your certificate (Let's encrypt needs to see your website to validate the challenge response). You could also use DNS validation instead: DNS Validation (dns-01) | Certify The Web Docs

3 Likes

Uploading: WIN-ACME.jpg...

Schoen buen dia, adjunto envio pantallazo para que te quede mas claro cual es mi inconveniente.

Hola @jaramirez,

Desafortunadamente la captura de pantalla no apareció en el foro.

1 Like

Schoen buen dia, bueno al ver que no aparecio te voy a enviar como estoy creando el certificado.

ejecuto client ACME WIN

y sigo los siguientes pasos

Create certificate failed, retry? (y/n*) - no

Create certificate failed: Unable to create order
- No certificate generated

N: Create certificate (default settings)
M: Create certificate (full options)
R: Run renewals (0 currently due)
A: Manage renewals (0 total)
O: More options...
Q: Quit

Please choose from the menu: m

Running in mode: Interactive, Advanced

Please specify how the list of domain names that will be included in the
certificate should be determined. If you choose for one of the "all bindings"
options, the list will automatically be updated for future renewals to
reflect the bindings at that time.

1: Read site bindings from IIS
2: Manual input
3: CSR created by another program
C: Abort

How shall we determine the domain(s) to include in the certificate?: 2

Description: A host name to get a certificate for. This may be a
comma-separated list.

Host: reportes.fupad.org

Source generated using plugin Manual: reportes.fupad.org

Suggested friendly name '[Manual] reportes.fupad.org', press to accept or type an alternative:

The ACME server will need to verify that you are the owner of the domain
names that you are requesting the certificate for. This happens both during
initial setup and for every future renewal. There are two main methods of
doing so: answering specific http requests (http-01) or create specific dns
records (dns-01). For wildcard domains the latter is the only option. Various
additional plugins are available from GitHub - win-acme/win-acme: A simple ACME client for Windows (for use with Let's Encrypt et al.).

1: [http-01] Save verification files on (network) path
2: [http-01] Serve verification files from memory
3: [http-01] Upload verification files via FTP(S)
4: [http-01] Upload verification files via SSH-FTP
5: [http-01] Upload verification files via WebDav
6: [dns-01] Create verification records manually (auto-renew not possible)
7: [dns-01] Create verification records with acme-dns (GitHub - joohoi/acme-dns: Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.)
8: [dns-01] Create verification records with your own script
9: [tls-alpn-01] Answer TLS verification request from win-acme
C: Abort

How would you like prove ownership for the domain(s)?: 2

After ownership of the domain(s) has been proven, we will create a
Certificate Signing Request (CSR) to obtain the actual certificate. The CSR
determines properties of the certificate like which (type of) key to use. If
you are not sure what to pick here, RSA is the safe default.

1: Elliptic Curve key
2: RSA key
C: Abort

What kind of private key should be used for the certificate?: 2

When we have the certificate, you can store in one or more ways to make it
accessible to your applications. The Windows Certificate Store is the default
location for IIS (unless you are managing a cluster of them).

1: IIS Central Certificate Store (.pfx per host)
2: PEM encoded files (Apache, nginx, etc.)
3: PFX archive
4: Windows Certificate Store
5: No (additional) store steps

How would you like to store the certificate?: 4

1: [WebHosting] - Dedicated store for IIS
2: [My] - General computer store (for Exchange/RDS)
3: [Default] - Use global default, currently WebHosting

Choose store to use, or type the name of another unlisted store: 3

1: IIS Central Certificate Store (.pfx per host)
2: PEM encoded files (Apache, nginx, etc.)
3: PFX archive
4: Windows Certificate Store
5: No (additional) store steps

Would you like to store it in another way too?: 5

With the certificate saved to the store(s) of your choice, you may choose one
or more steps to update your applications, e.g. to configure the new
thumbprint, or to update bindings.

1: Create or update https bindings in IIS
2: Create or update ftps bindings in IIS
3: Start external script or program
4: No (additional) installation steps

Which installation step should run first?: 4

[reportes.fupad.org] Authorizing...
[reportes.fupad.org] Authorizing using http-01 validation (SelfHosting)
[reportes.fupad.org] Authorization result: invalid
[reportes.fupad.org] {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "186.155.246.181: Invalid response from http://reportes.fupad.org/.well-known/acme-challenge/2FWCCdn-VP_-klYHeUgLnJjWcwg0lLyXxhgq3_b9r3s: 404",
"status": 403
}

y sigo con el mismo error y no he podido generar el certificado

Might be a permissions problem.
Make sure IIS doesn't require authentication for that site.
Make sure IIS does require encryption for that (unencrypted) site.

1 Like

Gracias por los detalles, @jaramirez.

Creo que el problema puede ser en este paso

No conozco muy bien el cliente win-acme, pero la opción "2: Serve verification" me parece igual que la opción "standalone" en Certbot.

Pero eso no funciona cuándo hay otro aplicación servidor web (por ejemplo IIS) ocupando la puerta 80.

Si tiene un lugar en el disco donde se puede guardar archivos que luego aparecen en las ubicaciones correspondientes en el sitio web, sería posible usar la opción "1: Save verification files on (network) path". (Por ejemplo si, al poner un archivo en C:\Program Files\IIS\Web Content\My Site\mi-archivo, el mismo archivo aparece en http://reportes.fupad.org/mi-archivo, la respuesta a la pregunta de opción 1 sería C:\Program Files\IIS\Web Content\My Site.)

Pero si no hay tal lugar desde el que puede servir archivos est√°ticos, creo que ser√≠a √ļtil usar otro cliente con mejor integraci√≥n con IIS, como Certifiy The Web.

3 Likes

Schoen buen dia, gracias por tu respuesta.

realice la descarga de Certify the web, segui los pasos de instalacion he intente crear el certificado y me sale el mismo error que tenia con Acme.

Could not verify URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/configcheck

ya revise los temas de permisos en las carpetas y estan habilitados full

@webprofusion, any ideas about what might be causing this configcheck error?

2 Likes

@jaramirez can you provide the whole log file for this managed certificate?

You need to run the app on the same machine that you are trying to get a certificate for, so that the app can respond to Let's Encrypt for you.

2 Likes

@webprofusion envio informacion del log al momento de crear el certificado en el servidor

2022-05-11 09:13:08.706 -05:00 [INF] ---- Beginning Request [reportes.fupad.org] ----
2022-05-11 09:13:08.707 -05:00 [INF] Certify/5.6.8.0 (Windows; Microsoft Windows NT 10.0.14393.0)
2022-05-11 09:13:08.712 -05:00 [INF] Beginning Certificate Request Process: reportes.fupad.org using ACME Provider:Certes
2022-05-11 09:13:08.712 -05:00 [INF] Requested identifiers to include on certificate: reportes.fupad.org
2022-05-11 09:13:08.713 -05:00 [INF] Beginning certificate order for requested domains
2022-05-11 09:13:09.700 -05:00 [INF] BeginCertificateOrder: creating/retrieving order. Retries remaining:2
2022-05-11 09:13:11.223 -05:00 [INF] Created ACME Order: https://acme-v02.api.letsencrypt.org/acme/order/537251976/87734543706
2022-05-11 09:13:11.652 -05:00 [INF] Fetching Authorizations.
2022-05-11 09:13:12.917 -05:00 [INF] Got http-01 challenge https://acme-v02.api.letsencrypt.org/acme/chall-v3/107457846456/RGQwFA
2022-05-11 09:13:13.333 -05:00 [INF] Got dns-01 challenge https://acme-v02.api.letsencrypt.org/acme/chall-v3/107457846456/uwdH0A
2022-05-11 09:13:15.106 -05:00 [INF] Http Challenge Server process unavailable.
2022-05-11 09:13:15.106 -05:00 [INF] Attempting Domain Validation: reportes.fupad.org
2022-05-11 09:13:15.106 -05:00 [INF] Registering and Validating reportes.fupad.org
2022-05-11 09:13:15.106 -05:00 [INF] Preparing automated challenge responses (reportes.fupad.org)
2022-05-11 09:13:15.106 -05:00 [INF] Preparing challenge response for the issuing Certificate Authority to check at: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ with content So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ.EA1STQd-duSSmwqOC0uEjMtMKiMm-65Goj2cHhuBr6E
2022-05-11 09:13:15.106 -05:00 [INF] If the challenge response file is not accessible at this exact URL the validation will fail and a certificate will not be issued.
2022-05-11 09:13:15.182 -05:00 [INF] Using website path C:\Inetpub\vhosts\default\htdocs
2022-05-11 09:13:15.185 -05:00 [INF] Checking URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ [proxyAPI: True, timeout: 5000ms]
2022-05-11 09:13:17.167 -05:00 [WRN] Problem checking URL is accessible : http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ The remote server returned an error: (404) Not Found.
2022-05-11 09:13:17.169 -05:00 [INF] Checking URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ [proxyAPI: False, timeout: 5000ms]
2022-05-11 09:13:17.180 -05:00 [ERR] Failed to confirm URL is accessible : http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ
System.Net.WebException: The remote server returned an error: (404) Not Found.
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Threading.Tasks.TaskFactory1.FromAsyncCoreLogic(IAsyncResult iar, Func2 endFunction, Action1 endAction, Task1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certify.Management.NetworkUtils.d__4.MoveNext() in D:\a\certify-service\certify-service\src\certify-build\certify\src\Certify.Shared\Management\NetworkUtils.cs:line 153
2022-05-11 09:13:17.193 -05:00 [INF] Checking URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ [proxyAPI: True, timeout: 5000ms]
2022-05-11 09:13:17.867 -05:00 [WRN] Problem checking URL is accessible : http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ The remote server returned an error: (404) Not Found.
2022-05-11 09:13:17.867 -05:00 [INF] Checking URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ [proxyAPI: False, timeout: 5000ms]
2022-05-11 09:13:17.874 -05:00 [ERR] Failed to confirm URL is accessible : http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ
System.Net.WebException: The remote server returned an error: (404) Not Found.
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Threading.Tasks.TaskFactory1.FromAsyncCoreLogic(IAsyncResult iar, Func2 endFunction, Action1 endAction, Task1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certify.Management.NetworkUtils.d__4.MoveNext() in D:\a\certify-service\certify-service\src\certify-build\certify\src\Certify.Shared\Management\NetworkUtils.cs:line 153
2022-05-11 09:13:17.885 -05:00 [INF] Checking URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ [proxyAPI: True, timeout: 5000ms]
2022-05-11 09:13:18.601 -05:00 [WRN] Problem checking URL is accessible : http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ The remote server returned an error: (404) Not Found.
2022-05-11 09:13:18.601 -05:00 [INF] Checking URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ [proxyAPI: False, timeout: 5000ms]
2022-05-11 09:13:18.607 -05:00 [ERR] Failed to confirm URL is accessible : http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ
System.Net.WebException: The remote server returned an error: (404) Not Found.
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Threading.Tasks.TaskFactory1.FromAsyncCoreLogic(IAsyncResult iar, Func2 endFunction, Action1 endAction, Task1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certify.Management.NetworkUtils.d__4.MoveNext() in D:\a\certify-service\certify-service\src\certify-build\certify\src\Certify.Shared\Management\NetworkUtils.cs:line 153
2022-05-11 09:13:18.621 -05:00 [INF] Checking URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ [proxyAPI: True, timeout: 5000ms]
2022-05-11 09:13:19.115 -05:00 [WRN] Problem checking URL is accessible : http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ The remote server returned an error: (404) Not Found.
2022-05-11 09:13:19.115 -05:00 [INF] Checking URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ [proxyAPI: False, timeout: 5000ms]
2022-05-11 09:13:19.121 -05:00 [ERR] Failed to confirm URL is accessible : http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ
System.Net.WebException: The remote server returned an error: (404) Not Found.
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Threading.Tasks.TaskFactory1.FromAsyncCoreLogic(IAsyncResult iar, Func2 endFunction, Action1 endAction, Task1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certify.Management.NetworkUtils.d__4.MoveNext() in D:\a\certify-service\certify-service\src\certify-build\certify\src\Certify.Shared\Management\NetworkUtils.cs:line 153
2022-05-11 09:13:19.133 -05:00 [INF] Checking URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ [proxyAPI: True, timeout: 5000ms]
2022-05-11 09:13:19.602 -05:00 [WRN] Problem checking URL is accessible : http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ The remote server returned an error: (404) Not Found.
2022-05-11 09:13:19.603 -05:00 [INF] Checking URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ [proxyAPI: False, timeout: 5000ms]
2022-05-11 09:13:19.609 -05:00 [ERR] Failed to confirm URL is accessible : http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ
System.Net.WebException: The remote server returned an error: (404) Not Found.
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Threading.Tasks.TaskFactory1.FromAsyncCoreLogic(IAsyncResult iar, Func2 endFunction, Action1 endAction, Task1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certify.Management.NetworkUtils.d__4.MoveNext() in D:\a\certify-service\certify-service\src\certify-build\certify\src\Certify.Shared\Management\NetworkUtils.cs:line 153
2022-05-11 09:13:19.621 -05:00 [INF] Checking URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ [proxyAPI: True, timeout: 5000ms]
2022-05-11 09:13:20.087 -05:00 [WRN] Problem checking URL is accessible : http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ The remote server returned an error: (404) Not Found.
2022-05-11 09:13:20.087 -05:00 [INF] Checking URL is accessible: http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ [proxyAPI: False, timeout: 5000ms]
2022-05-11 09:13:20.093 -05:00 [ERR] Failed to confirm URL is accessible : http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ
System.Net.WebException: The remote server returned an error: (404) Not Found.
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Threading.Tasks.TaskFactory1.FromAsyncCoreLogic(IAsyncResult iar, Func2 endFunction, Action1 endAction, Task1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certify.Management.NetworkUtils.d__4.MoveNext() in D:\a\certify-service\certify-service\src\certify-build\certify\src\Certify.Shared\Management\NetworkUtils.cs:line 153
2022-05-11 09:13:20.094 -05:00 [INF] Failed prerequisite configuration checks (SSL_ACME)
2022-05-11 09:13:20.095 -05:00 [INF] Automated configuration checks failed. Authorizations will not be able to complete.
Check you have http bindings for your site and ensure you can browse to http://reportes.fupad.org/.well-known/acme-challenge/configcheck before proceeding.
2022-05-11 09:13:21.616 -05:00 [INF] Attempting Challenge Response Validation for Domain: reportes.fupad.org
2022-05-11 09:13:21.617 -05:00 [INF] Registering and Validating reportes.fupad.org
2022-05-11 09:13:21.617 -05:00 [INF] Checking automated challenge response for Domain: reportes.fupad.org
2022-05-11 09:13:23.291 -05:00 [INF] Domain validation failed: reportes.fupad.org
186.155.246.181: Invalid response from http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ: 404 Forbidden urn:ietf:params:acme:error:unauthorized
2022-05-11 09:13:24.894 -05:00 [INF] Validation of the required challenges did not complete successfully. Domain validation failed: reportes.fupad.org
186.155.246.181: Invalid response from http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ: 404 Forbidden urn:ietf:params:acme:error:unauthorized
2022-05-11 09:13:24.895 -05:00 [INF] Validation of the required challenges did not complete successfully. Domain validation failed: reportes.fupad.org
186.155.246.181: Invalid response from http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ: 404 Forbidden urn:ietf:params:acme:error:unauthorized
2022-05-11 09:13:24.895 -05:00 [INF] Validation of the required challenges did not complete successfully. Domain validation failed: reportes.fupad.org
186.155.246.181: Invalid response from http://reportes.fupad.org/.well-known/acme-challenge/So6lQDfxzzK68HwKQEL8OzyZsVKMjuPZpEdiiy9P4SQ: 404 Forbidden urn:ietf:params:acme:error:unauthorized

Thanks, so this message likely means that whatever process is listening on port 80 is not IIS and is blocking sharing of port 80.

Are you running something like apache or a reverse proxy service on port 80? Your website root path of vhosts\default\htdocs sounds very like an Apache configuration.

If not, try restarting your server - the challenge response service should be able to share port 80 with IIS. This problem is the same reason win-acme failed to work.

Alternatively, if it's easier, you may want to look at DNS validation.

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.