First Install of certbot for IIS 8.5

Thanks for at least trying Mike

4 Likes

Sorry Mike, I omited photos

curl http://82.40.52.30/photos/.well-known/acme-challenge/test

This deff works

2 Likes
http://jonmcghee.co.uk\Photos\.well-known\acme-challenge\test
2 Likes

That does not work from curl - it gets the same frame error response as all earlier attempts. Not even after changing the backslash to slash. More importantly, Let's Encrypt server will not use such a request - its URL to your server will not include /Photos. It will look like the requests in posts #6 and #7 and below

You can try this at home :slight_smile: Or, even use a website like https://reqbin.com/curl if you want to be sure you are accessing your site with the public internet.

curl -i http://jonmcghee.co.uk/.well-known/acme-challenge/test

You should see your test data - not the "sorry no frame support" error page

NOTE: For IIS, you will need to add a web.config file in the /.well-known/acme-challenge/ folder along with your test file. IIS will not send files with no extension without it. Certbot makes one for you but we need to have one in place when testing like this. I do not think this web.config being missing so far has led us astray. But, you will need it to see a successful test. Add the contents below as a web.config file as I just described:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
      <staticContent>
          <mimeMap fileExtension="." mimeType="text/plain" />
      </staticContent>
  </system.webServer>
</configuration>
3 Likes

There's a couple of wacky things going on here which makes thing more confusing:

  • Your main website address http://jonmcghee.co.uk is being served by IIS
  • Your actual content within the frameset is being served via another IP address, using Apache.

Your IIS web root path will be something like C:\inetpub\wwwroot (or a subfolder of that). This is the website you're trying to get your certificate for initially so that at least the frameset it served with https. I believe you have currently pointed certbot at your apache server instead.

Is there a reason you have split the website across two different webservers? If not, just use one or the other for everything.

3 Likes

I see some links also go to a .com version of your domain name. I'd really recommend taking the opportunity to rebuild your website at one domain (directing if required). There are a number of free/cheap web hosts for static websites and some will manage https config for you.

3 Likes

Done as requested. web.config in place.
I tried myself and it still fails. However if I ust my IP it works fine.

Result:

C:>curl -i http://82.40.52.30/photos/.well-known/acme-challenge/test
HTTP/1.1 200 OK
Date: Tue, 30 Nov 2021 00:53:26 GMT
Server: Apache/2.4.46 (Win64) PHP/7.3.21
Content-Location: test.txt
Vary: negotiate
TCN: choice
Last-Modified: Mon, 29 Nov 2021 20:07:50 GMT
ETag: "36-5d1f2fec43849;5d1f6e39671bb"
Accept-Ranges: bytes
Content-Length: 54
Content-Type: text/plain

Hello rg305. Hopefully you managed to reach this file.

However using jonmcghee.co.uk

It fails as you described.

2 Likes

LE won't work via redirects to IPs, nor via HTML framed content.

3 Likes

Thanks rg305.
Good willing help here.
It’s a shame it doesn’t work with redirects to IPs as it’s a fantastic idea.
Most domain hosts are robbing people, but you guys are offsetting it.
It hasn’t worked out for me, but keep up the good work guys.

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.