When I visit the URL in the browser I get exactly the same token as Let’s Encrypt is expecting as text/plain response:
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Sun, 27 Mar 2016 06:32:35 GMT
Accept-Ranges: bytes
ETag: "eb281a73f287d11:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 27 Mar 2016 06:37:32 GMT
Content-Length: 90
I used a file compare program to make sure the contents of the file are what’s expected. I am at a loss to try to figure out what else it could be? Anyone has any ideas?
I assume you are using the official client ( if not, please let us know which one )
If you place a test text file in /.well-known/acme-challenge/testfile can you reach it OK with a browser ? and does it pick up as plain text ? are you happy to provide a URL link to that so we can test ( or to the real token if it’s still there )
Are you using ACMESharp for obtaining the certificate ? it’s not one I’ve used, so just reading though that methodology. At the moment, to me, it looks as if the contents of that file are incorrect ( difficult to be certain without out the various keys though - which you should NOT provide here and make public).
Can you provide the output to the “Complete-ACMEChallenge dns1 -ChallengeType http-01 -Handler manual” command that you did please ? which should look something like;
== Manual Challenge Handler - HTTP ==
* Handle Time: [1/12/2016 1:16:34 PM]
* Challenge Token: [2yRd04TwqiZTh6TWLZ1azL15QIOGaiRmx8MjAoA5QH0]
To complete this Challenge please create a new file
under the server that is responding to the hostname
and path given with the following characteristics:
* HTTP URL: [http://myserver.example.com/.well-known/acme-challenge/2yRd04TwqiZTh6TWLZ1azL15QIOGaiRmx8MjAoA5QH0]
* File Path: [.well-known/acme-challenge/2yRd04TwqiZTh6TWLZ1azL15QIOGaiRmx8MjAoA5QH0]
* File Content: [2yRd04TwqiZTh6TWLZ1azL15QIOGaiRmx8MjAoA5QH0.H3URk7qFUvhyYzqJySfc9eM25RTDN7bN4pwil37Rgms]
* MIME Type: [text/plain]
Challenge Token: [syyxU6-6cGJOzbABugidt–FZtEDfBdzcv5C68QzkFY]
To complete this Challenge please create a new file
under the server that is responding to the hostname
and path given with the following characteristics:
I had the same problem. I generated the challenge token file, but unfortunately I had a NewLine (CR/LF) at the end of the file. Letsencrypt is failing authorization, if there are any additional characters in the file. You won’t see it in a browser, but if you open the file in a text editor directly on the server, you can see, if there are any additional characters.
Hum, I think boulder should ignore white chars (\t \n \r \x20) in the beginning and the end of the challenge file. A bit like the "".strip() method do in python.