Failed to renew on windows server iis 2008 what to do?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: failed to renew

It produced this output:

My web server is (include version): iis7.5
The operating system my web server runs on is (include version): windows 2008 server

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

we did get this resolved but had a gap with the way we renew due to waiting for cert to expire

how do we avoid waiting for experation?

How did you?:

Is very outdated.


Just a bit.


IIS6 doesn't support SNI


The http response header says IIS/7.5


yes it is 7.5

Let's Encrypt certificates do not have to be expired before renewing them. In fact, the recommended renewal schedule according to Let's Encrypt is 30 days before expiration (60 days after issuance). Overlapping certificates can both be valid at the same time, so you don't have to have an outage or downtime. The new certificate doesn't invalidate the old one just by its existence.

Beyond that, it would be helpful to know which Let's Encrypt client application you're using, since there are about 100 different options and they all behave differently (including about 5 or 6 different applications that are IIS-specific).


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.