Please fill out the fields below so we can help you better.
My domain is:mcsyncrosa.co.za
I ran this command: update-acmeidentifier webmail.mcsyncrosa.co.za_identi
It produced this output: status:invalid
My operating system is (include version): server 2008 R2 enterprise
My web server is (include version):
My hosting provider, if applicable, is: hetzner
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
I assume you are using the ACMESharp client ? You may be better opening an issue with that developer - https://github.com/ebekker/ACMESharp/issues
I’ll try and help though. Did you add the challenge token, and can you reach it in your browser ?
Can you also paste the complete log and error at this point please.
Hi
Thanks for you reply
Cannot reach it in browser. Ran the following script:
Import-module ACMEsharp
New-ACMERegistration -contacts mailto:kyle@tenacit.net -AcceptTos
IdentifierPart : ACMESharp.Messages.IdentifierPartremote.mcsyncrosa.co.za https://acme-v01.api.letsencrypt.org/acme/authz/P2e2whPLL9kgtHBUcYMgSIfi6mg731c-qrxV7HI_VQg
PS C:\Windows\system32> Complete-ACMEChallenge remote.mcsyncrosa.co.za_id -ChallengeType http-01 -Handler iis -HandlerPrameters @{ WebSiteRef = ‘Default Web Site’ }
IdentifierPart : ACMESharp.Messages.IdentifierPartremote.mcsyncrosa.co.za https://acme-v01.api.letsencrypt.org/acme/authz/P2e2whPLL9kgtHBUcYMgSIfi6mg731c-qrxV7HI_VQg
PS C:\Windows\system32> Submit-ACMEChallenge remote.mcsyncrosa.co.za_id -ChallengeType http-01
IdentifierPart : ACMESharp.Messages.IdentifierPartremote.mcsyncrosa.co.za https://acme-v01.api.letsencrypt.org/acme/authz/P2e2whPLL9kgtHBUcYMgSIfi6mg731c-qrxV7HI_VQg
PS C:\Windows\system32> Update-ACMEIdentifier remote.mcsyncrosa.co.za_id
IdentifierPart : ACMESharp.Messages.IdentifierPartremote.mcsyncrosa.co.za https://acme-v01.api.letsencrypt.org/acme/authz/P2e2whPLL9kgtHBUcYMgSIfi6mg731c-qrxV7HI_VQg
This is a different error, for a different domain.
You are trying to perform a DNS challenge on remote.mcsyncrosa.co.za - but the relevant DNS records don’t exist for remote.mcsyncrosa.co.za . How have you tried to provide the relevant dns token ?
My bad
I have done this with webmail.mcsyncrosa.co.za and dns record exists.
webmail.mcsyncrosa.co.za looks fine, yes. remote.mcsyncrosa.co.za needs the DNS sorting out before that will work though.
Results from webmail letsEncrypt identifier creation
PS C:\Windows\system32> New-ACMERegistration -contacts mailto:kyle@tenacit.net -AcceptTos
Contacts : {mailto:kyle@tenacit.net }https://acme-v01.api.letsencrypt.org/acme/reg/7214845 https://acme-v01.api.letsencrypt.org/acme/new-authz ;rel=“next”,https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf ;rel=“terms-of-service”}https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf
PS C:\Windows\system32> New-ACMEIdentifier -Dns webmail.mcsyncrosa.co.za -Alias webmail.mcsyncrosa.co.za_1
IdentifierPart : ACMESharp.Messages.IdentifierPartwebmail.mcsyncrosa.co.za https://acme-v01.api.letsencrypt.org/acme/authz/7fuwXYvvcaoHQNhcqFTQiOYQHkUPtTdpm9DsT4vwe7A
PS C:\Windows\system32> Complete-ACMEChallenge webmail.mcsyncrosa.co.za_1 -ChallengeType http-01 -Handler iis -HandlerPa
IdentifierPart : ACMESharp.Messages.IdentifierPartwebmail.mcsyncrosa.co.za https://acme-v01.api.letsencrypt.org/acme/authz/7fuwXYvvcaoHQNhcqFTQiOYQHkUPtTdpm9DsT4vwe7A
PS C:\Windows\system32> Submit-ACMEChallenge webmail.mcsyncrosa.co.za_1 -ChallengeType http-01
IdentifierPart : ACMESharp.Messages.IdentifierPartwebmail.mcsyncrosa.co.za https://acme-v01.api.letsencrypt.org/acme/authz/7fuwXYvvcaoHQNhcqFTQiOYQHkUPtTdpm9DsT4vwe7A
PS C:\Windows\system32> Update-ACMEIdentifier webmail.mcsyncrosa.co.za_1
IdentifierPart : ACMESharp.Messages.IdentifierPartwebmail.mcsyncrosa.co.za https://acme-v01.api.letsencrypt.org/acme/authz/7fuwXYvvcaoHQNhcqFTQiOYQHkUPtTdpm9DsT4vwe7A
PS C:\Windows\system32>
Are you intending to do this as a DNS verification ? if so, what token have you added to your DNS ? because from a quick check I can’t see it.
ahaw021
December 13, 2016, 10:23am
9
hi kyetenacit
i have written a guide on how to use IIS and lets encrypt
https://www.linkedin.com/pulse/lets-encrypt-part-1-issuing-installing-certificates-andrei-hawke?trk=mp-reader-card
I think you are getting stuck on completing the the challenges.
From what I understand you want to use the HTTP challenge?
At the bottom of that article it talks about how you need enable mime types for the .ACME challenge directory