Get-ACMECertificate : asset file does not exist


#1

Hi there,

i´m relatively new to the whole usage of LE Certificates, but i figured out to get it work on my Exchange 2016 enviroment.
Im using the ACME Sharp PS Module and used the PS Script from NetoMeter to set the process up.
Now after round about ~90 days it comes to the first renewal of the used certificate.

Whe i run the Script all domains (CN) and subdomains (SAN) are requested and get a “Valid” status.
Whe i look into the Vault they got all information they should (incl. serial nr.)

But heres the problem ißm confronted with.
After the succesful validation, the command:
Get-ACMECertificate
ends up with the result:
asset file does not exist

I have no idea, why this ist happening. I´ve looked up in the ACME source code, that the command ist related to the 99-* folder in the ACME Vault. This folder is not created during the certificate creation process in my case.

I hope someone could help me with this problem.
If i missed any information you need, pls let me know.

Sincerly,
Karsten


#2

Hi!
We are in the exact same boat!
I have setup a LE certificate on our own exchange 2016 server, and tried to simulate a renewal by executing again the script.
I also get a bunch of errors even though the status if the identifiers are reported as valid.
We went through commands step by step, and we have a serial number for our certificate.
This command fails :
PS C:\Certificates> Get-ACMECertificate $SANcert_alias -ExportPkcs12 $SAN_pfxfile
Get-ACMECertificate : asset file does not exist
Au caractère Ligne:1 : 1

  • Get-ACMECertificate $SANcert_alias -ExportPkcs12 $SAN_pfxfile
  •   + CategoryInfo          : NotSpecified: (:) [Get-ACMECertificate], FileNotFoundException
      + FullyQualifiedErrorId : System.IO.FileNotFoundException,ACMESharp.POSH.GetCertificate
    
    

Did you find a solution for this issue?


#3

So i still have the same issue, first run is OK then i get this error, but only if i try to export directly as pkcs12. If i manually export the certificate as PEM (key then certificate), then merge them with openssl, i can import the certificate in IIS without issue.
There seems to be an issue with the way it handles pkcs12, but i have no idea why…


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.