Error getting validation data", "status": 400

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
[INFO] A simple Windows ACMEv2 client (WACS)
[INFO] Software version (RELEASE)
[INFO] IIS version 8.5
[INFO] Scheduled task looks healthy
[INFO] Please report issues at

N: Create new certificate (simple for IIS)
M: Create new certificate (full options)
L: List scheduled renewals
R: Renew scheduled
S: Renew specific
A: Renew all
O: More options…
Q: Quit

Please choose from the menu: n

[INFO] Running in mode: Interactive, Simple

Please specify how the list of domain names that will be included in the
certificate should be determined. If you choose for one of the “all bindings”
options, the list will automatically be updated for future renewals to reflect

the bindings at that time.

1: Single binding of an IIS website
2: All bindings of an IIS website
3: All bindings of multiple IIS websites
4: Manual input
5: Read a CSR created by another program
: Abort

How shall we determine the domain(s) to include in the certificate?: 2

1: ReservaWeb
: Abort

Choose site: 1

It produced this output:

[INFO] Target generated using plugin IISSite:
[INFO] Authorize identifier:
[INFO] Authorizing using http-01 validation (SelfHosti
[EROR] {
“type”: “urn:ietf:params:acme:error:connection”,
“detail”: “Fetching
/eJDVbanlrd27m_ptjbzAg9_ViF7_t_0bgiK_xGqc09I: Error getting validation data”,
“status”: 400
[EROR] Authorization result: invalid
[EROR] Create certificate failed: Authorization failed

My web server is (include version): iis 8.5

The operating system my web server runs on is (include version): Windows server 2002

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): YES

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): NO

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

You might want to update your client to the latest version []

As far as the error 400…
That seems very interesting.
Normally 404 would be shown [when the item can’t be found].
400 implies some sort of “malformed” request.
I’ve tried duplicating the request, but only get 404 [not 400].
It is only when “special” unexpected characters are introduced that 400 is returned.
[Like adding a “:” anywhere in the file name]

Try the newer client and let’s see if that helps.

I tryed the new version.
got this:
1: [Manual] - renewed 4 times, due now, 19 errors like
“type”: “urn:ietf:params:acme:error:connection”,
“detail”: “Fetching
/MhsRH_grXzRh2kQXngzoPkJWroYY5fwN1055bI1CAKY: Error getting validation data”,
“status”: 400

Same results at this end… 404 not 400:

curl -Iki
HTTP/1.1 404 Not Found
Content-Length: 1282
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 01 Jun 2020 18:04:03 GMT

I would try their support page:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.