Installing cert for Dameware

I am new here and have never tried to use Let's Encrypt or CertBot. I'm hoping what I am trying to do is possible. I have Dameware Central Server installed on a Windows 2016 server so we can use Dameware Remote Control to provide remote support to our end users. There is no web server installed on the machine other than what the Dameware software itself is using. Any help on how to get started would be greatly appreciated.

My domain is: support.gwctx.org

I ran this command: none yet

It produced this output: none yet

My web server is (include version): Dameware 12.2.2.12

The operating system my web server runs on is (include version): Windows Server 2016

My hosting provider, if applicable, is: My Azure Tenant

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): unknown

Hi @cdennick,

It looks like your server is based on Microsoft IIS. Do you have access to configure IIS on this server somehow?

1 Like

I have full admin access to the server, but IIS hasn't been installed on it, just the application from Dameware.

You don't need to install IIS [if you are not going to serve any web pages].
You should install an ACME client, obtain a cert, automate the certificate renewal process, and look into automating the cert installation process as well.
So that is four (independent) steps.
I would start with the last step as the target.
That means, learn how a certificate can be used by the Dameware software [and what format the certificate needs to be in (yes, there are choices there)].
That may help determine which is the best ACME client (for Windows) to use.
Once you have chosen the ACME client, you can begin the four steps.
This community is here to help you with (most of) those steps [perhaps all of them].

1 Like

Hmmm, there's definitely a server there identifying itself as Microsoft-IIS/10.0.

@rg305 it seems like this service is already using IIS—somehow! (I don't know where it came from, though.)

2 Likes

They may be following a guide, who knows.
[this is my first time seeing Dameware and certificates here]

1 Like

Hi, you can use any Windows ACME tool to get your certificate, then you need to bind it to the service port:
https://support.solarwinds.com/SuccessCenter/s/article/Install-a-Third-Party-SSL-Certificate-on-the-DameWare-Internet-Proxy?language=en_US

I develop https://certifytheweb.com, which will do it or you could use win-acme or Posh-ACME (see also https://acmeclients.com).

Keep in mind that getting a certificate and applying it to your service are two very distinct steps, so get your cert first, then figure out how to automate applying it (scripting is usually easiest, e.g. PowerShell or .bat).

Once you've done that you need to automate by including the binding update step as part of your automated renewal, because Let's Encrypt certs need to renew at least every 90 days, if not more frequently.

3 Likes
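A check that fits the point above about renewal and binding being separate steps, added here as an example (it is not code from any poster, from an ACME client, or from Dameware): it compares the certificate the service port actually presents with the latest one in the Windows certificate store, which catches a renewal that succeeded but was never applied. The port 443, the 30-day threshold, and the `LocalMachine\My` store location are assumptions; substitute the port your service really listens on.

```powershell
# Added example: find a renewed certificate that was never bound to the service.
# Assumptions: the ACME client stores certificates in LocalMachine\My, and the
# service listens on $Port (placeholder value, not taken from the thread).
param(
    [string]$HostName = 'support.gwctx.org',
    [int]$Port = 443,       # assumed placeholder
    [int]$WarnDays = 30     # assumed warning threshold
)

function Get-ServedCertificate {
    param([string]$HostName, [int]$Port)
    $tcp = New-Object System.Net.Sockets.TcpClient
    try {
        $tcp.Connect($HostName, $Port)
        # Validation is skipped on purpose: the certificate is only inspected,
        # and an expired or mismatched one is exactly what we want to see.
        $callback = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
        $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $callback)
        try {
            $ssl.AuthenticateAsClient($HostName)
            [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
        } finally { $ssl.Dispose() }
    } finally { $tcp.Close() }
}

$served = Get-ServedCertificate -HostName $HostName -Port $Port

# Latest-expiring certificate in the store that names this host.
$newest = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.DnsNameList.Unicode -contains $HostName } |
    Sort-Object NotAfter -Descending |
    Select-Object -First 1

$daysLeft = [math]::Floor(($served.NotAfter - (Get-Date)).TotalDays)
$problems = @()
if ($daysLeft -lt $WarnDays) { $problems += "served certificate expires in $daysLeft days" }
if (-not $newest) {
    $problems += "no certificate for $HostName found in LocalMachine\My"
} elseif ($newest.Thumbprint -ne $served.Thumbprint) {
    $problems += "port $Port presents $($served.Thumbprint), store's latest is $($newest.Thumbprint)"
}

[pscustomobject]@{
    Host = $HostName; Port = $Port; DaysLeft = $daysLeft
    ServedThumbprint = $served.Thumbprint; Problems = $problems -join '; '
}
if ($problems) { exit 1 }   # non-zero exit lets a scheduled task raise an alert
```

Run from a scheduled task shortly after the ACME client's renewal job, a thumbprint mismatch points at the binding step rather than at issuance.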

IIS was turned on to test the DNS with the URL. I turned it off but apparently forgot to reboot so it was still there. I've rebooted now and IIS is no longer active on the server.

1 Like

Thank you everyone for your responses. I wanted to give the suggestions a try yesterday, and then today, but got pulled away in several other directions and never got the time to try them. I will take a closer look at everything next week (time permitting) and either come back with more questions or update the thread that it's working. Again, thank you everyone!

1 Like

Got it. I see above that you're not going to be working on this right away, but if that IIS is not the way that people access the Dameware service, it would be helpful to know how they do access it (e.g. via a different port number instead of 80 or 443, or something).

Good luck!

2 Likes

Note also that a permanent web server on port 80 is not required to do HTTP validation, because many ACME clients can self-host their own HTTP challenge response service (if your server is internet facing and port 80 is still open). Certify The Web has it by default and win-acme also has it as an option (both using a temporary http.sys listener).

3 Likes

In Certbot (less-used on Windows), we call that method "standalone", and that term is also used by a number of other clients. It is "standalone" because it's not reliant on an existing web service.

2 Likes
