HTTPS on EC2 IIS Server for Windows 2008


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:aAtomcloud.com

I ran this command:letsencrypt.exe --test

It produced this output:
ACME server was unable to reach

My web server is (include version): Windows 2008 SP2 IIS 7

The operating system my web server runs on is (include version): Windows

My hosting provider, if applicable, is: goDaddy

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): IIS


#2

Hi,

Is that the full output? or it’s like ACME server was unable to reach atomcloud.com/.well-known/acme-challenge/ [random-strings]

Are you using PKISharp?

Thank you


#3

LetsEncrypt Win Simple
I was following steps from here
https://www.netometer.com/blog/?p=1758

Writing web.config to add extensionless mime type to C:\aAtomSalesWS.well-known
\acme-challenge\web.config
Answer should now be browsable at http://aatomcloud.com/.well-known/acme-challen
ge/uU6UabI12Mr7Lq4IBs9x2h-0TQWJxWT1edgsuRSbH3A
Submitting answer
Refreshing authorization
Authorization Result: invalid
Authorization Failed invalid


The ACME server was probably unable to reach http://aatomcloud.com/.well-known/a
cme-challenge/uU6UabI12Mr7Lq4IBs9x2h-0TQWJxWT1edgsuRSbH3A

Check in a browser to see if the answer file is being served correctly.
Authorize failed: This could be caused by IIS not being setup to handle extensio
nless static files.Here’s how to fix that:
1.In IIS manager goto Site/ Server->Handler Mappings->View Ordered List
2.Move the StaticFile mapping above the ExtensionlessUrlHandler mappings. (like
this http://i.stack.imgur.com/nkvrL.png)
3.If you need to make changes to your web.config file, update the one at C:\lets
encrypt-win-simple.V1.9.3\web_config.xml


#4

Hi,

You are using GoDaddy’s URL Shortner (Might be URL Redirector)…

Is there a reason you use Redirection instead of pointing to server IP?

Since GoDaddy doesn’t deal with this (verification file) & lets encrypt is not going to accept it either…

Thank you


#5

My domain is already on goDaddy

Since i have hosted my work on AWS EC2 ,
I forwarding my site from goDaddy with masked forwarding to EC2 IP

Is there other way to do it?


#6

Hi,

You could directly point the domain to EC2 IP address…

Use A record instead of masked redirection…

Thank you


#7

Hi Steven,

I created A record for my AWS IP address.

and tried doing the setup.

But it says Site Coming Soon

I also have already existing A record for Parked.

Can you guide me what I need to do to use LetsEncrypt for my already bought domain in goDaddy.

Thank you.

Rajeshwari


#8

I am trying all options…
what I feel is I am not correctly Binding my website.

in my case what should be the Hostname ?


#9

Hi @Khushi2005

create a https-binding, add the certificate. You may let the hostname field empty.


#10

Let me iterate my steps:
On IIS Server, there is a default site already,
I go and new website by right clicking
I created a New Website,
Name:BasicDemo
Physical Path: c:\Myfolder
Under Bindings:
Type: http
IP addresss: Unassigned
Port:80
Hostname:???

Initailly I gave my domain name www.MyDomainName.Com but it gave me error


#11

Every binding must be unique. So if your default website has already a http binding / all ip addresses / Port 80 / no hostname, you cannot create a second website with the same binding.

Use the default.


#12

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.