Getting "invalid" response for ACME challenge


#1

Hi LetsEncrypt community,
I am using letsencrypt-win-simple 1.9 current version as of december 20th 2016.
I am using IIS 7.5.7600
I am running Windows Server 2008 R2 sp1

Issue :

Submitting answer
Refreshing authorization
Authorization Result: invalid


The ACME server was probably unable to reach http://s1.dev.nem.ru.is/.well-known/acme-challenge/b9fp7hX_f0lwW4PxTh9kQyNM
WS6zZEery0xeJUYp7y0

Check in a browser to see if the answer file is being served correctly.

This could be caused by IIS not being setup to handle extensionless static
files. Here’s how to fix that:

  1. In IIS manager goto Site/Server->Handler Mappings->View Ordered List
  2. Move the StaticFile mapping above the ExtensionlessUrlHandler mappings.
    (like this http://i.stack.imgur.com/nkvrL.png)
  3. If you need to make changes to your web.config file, update the one
    at C:\Program Files\LetsEncrypt\web_config.xml

I have looked into several solutions to resolve this problem here is what I know so far:

  • StaticFile has been moved up in priority
  • I have added mime types (thou I shouldn’t need it as web_config.xml file should cover it)
  • I can reach the machine from outside, I do get a text string.
  • I have changed the web_config.xml file for MVC and core settings

I am kind of running out of ideas, trying to figure out why I am not getting this to work. Do you guys have any idea for a step forward ?


#2

is s1.dev.nem.ru.is the correct domain name ? If so I’m surprised the error didn’t mention DNS issues, as there are DNS problems trying to obtain an IP address for me - so can’t reach that location at all.


#3

I am sorry, truly I am, I figured out this morning, after a little rest :slight_smile: that I had been on a virtual private network connection to the network of that machine, there is no wonder that poor acme couldn’t connect.

consider this topic closed I am looking at other solutions. Thou suggestions are well accepted.


#4

You can always use the DNS-01 challenge


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.