Exchange letsencrypt

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:ixi.group

I ran this command:

wacs.exe --target manual --host mail.mycompany.com,webmail.mycompany.com,autodiscover.mycompany.com --certificatestore My --acl-fullcontrol "network service,administrators" --installation iis,script --installationsiteid 1 --script "./Scripts/ImportExchange.ps1" --scriptparameters "'{CertThumbprint}' 'IIS,SMTP,IMAP' 1 '{CacheFile}' '{CachePassword}' '{CertFriendlyName}'"

It produced this output:

A simple Windows ACMEv2 client (WACS)
 Software version 2.1.9.870 (RELEASE, PLUGGABLE)
 ACME server https://acme-v02.api.letsencrypt.org/
 IIS version 10.0
 Running with administrator credentials
 Scheduled task not configured yet
 Please report issues at https://github.com/win-acme/win-acme
 Running in mode: Unattended
 Target generated using plugin Manual: mail.mycompany.com and 2 alternatives

 [autodiscover.mycompany.com] Cached authorization result: valid
 [mail.mycompany.com] Cached authorization result: valid
 Unable to activate listener, this may be because of insufficient rights or a non-Microsoft webserver using port 80
 An error occured while commiting validation configuration: Failed to listen on prefix 'http://+:80/.well-known/acme-challenge/' because it conflicts with an existing registration on the machine.
 Create certificate failed: Commit failed

My web server is (include version):
IIS v 10.0.17763.1
The operating system my web server runs on is (include version):windows server standart 2019

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):A simple Windows ACMEv2 client (WACS)
Software version 2.1.9.870 (RELEASE, PLUGGABLE)
ACME server https://acme-v02.api.letsencrypt.org/
IIS version 10.0
Running with administrator credentials
Scheduled task not configured yet
Please report issues at https://github.com/win-acme/win-acme
Running in mode: Unattended
Target generated using plugin Manual: mail.ixi.group and 2 alternatives

Hi @mm_mm

please read your output. Your http://webmail.ixi.group/ has already a running webserver, so your client can’t start an own.

1 Like

[quote=“JuergenAuer, post:2, topic:129130”]
please read your output. Your http://webmail.ixi.group/ has already a running webserver, so your client can’t start an own.
[/quote] yes, I noticed this and tried to stop iis, I got this error:
A simple Windows ACMEv2 client (WACS)
Software version 2.1.9.870 (RELEASE, PLUGGABLE)
ACME server https://acme-v02.api.letsencrypt.org/
IIS version 10.0
Running with administrator credentials
Scheduled task not configured yet
Please report issues at https://github.com/win-acme/win-acme
Running in mode: Unattended
Target generated using plugin Manual: mail.ixi.group and 2 alternatives
Store plugin IIS not available: No IIS websites available… Choose another plugin using the --store switch or change the default in settings.json
Installation plugin could not be selected

I decided to try to remove the port 80 bindings in iis, but the port continues to listen, I don’t know what it is, trying to understand why port 80 continues to listen

Check your headers:

Server: Microsoft-HTTPAPI/2.0

That’s not an IIS, that’s an additional http server.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.