HTTPS on EC2 IIS Server for Windows 2008

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain

I ran this command:letsencrypt.exe --test

It produced this output:
ACME server was unable to reach

My web server is (include version): Windows 2008 SP2 IIS 7

The operating system my web server runs on is (include version): Windows

My hosting provider, if applicable, is: goDaddy

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): IIS


Is that the full output? or it's like ACME server was unable to reach [random-strings]

Are you using PKISharp?

Thank you

LetsEncrypt Win Simple
I was following steps from here

Writing web.config to add extensionless mime type to C:\aAtomSalesWS.well-known
Answer should now be browsable at
Submitting answer
Refreshing authorization
Authorization Result: invalid
Authorization Failed invalid

The ACME server was probably unable to reach

Check in a browser to see if the answer file is being served correctly.
Authorize failed: This could be caused by IIS not being setup to handle extensio
nless static files.Here’s how to fix that:
1.In IIS manager goto Site/ Server->Handler Mappings->View Ordered List
2.Move the StaticFile mapping above the ExtensionlessUrlHandler mappings. (like
3.If you need to make changes to your web.config file, update the one at C:\lets


You are using GoDaddy's URL Shortner (Might be URL Redirector)...

Is there a reason you use Redirection instead of pointing to server IP?

Since GoDaddy doesn't deal with this (verification file) & lets encrypt is not going to accept it either....

Thank you

My domain is already on goDaddy

Since i have hosted my work on AWS EC2 ,
I forwarding my site from goDaddy with masked forwarding to EC2 IP

Is there other way to do it?


You could directly point the domain to EC2 IP address…

Use A record instead of masked redirection…

Thank you

Hi Steven,

I created A record for my AWS IP address.

and tried doing the setup.

But it says Site Coming Soon

I also have already existing A record for Parked.

Can you guide me what I need to do to use LetsEncrypt for my already bought domain in goDaddy.

Thank you.


I am trying all options…
what I feel is I am not correctly Binding my website.

in my case what should be the Hostname ?

Hi @Khushi2005

create a https-binding, add the certificate. You may let the hostname field empty.

Let me iterate my steps:
On IIS Server, there is a default site already,
I go and new website by right clicking
I created a New Website,
Physical Path: c:\Myfolder
Under Bindings:
Type: http
IP addresss: Unassigned

Initailly I gave my domain name www.MyDomainName.Com but it gave me error

Every binding must be unique. So if your default website has already a http binding / all ip addresses / Port 80 / no hostname, you cannot create a second website with the same binding.

Use the default.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.